back to article Experts: What ICO should know BEFORE your private info ends up in a skip

The view of the Information Commissioner's Office (ICO) that businesses do not require individuals' "explicit consent" in order to contract others to process their sensitive personal data is in contrast with the wording of data protection law, according to two experts. A spokesperson for the UK's data protection watchdog told …

COMMENTS

This topic is closed for new posts.
Silver badge

I read the article

And I'm still none the wiser as to how safe my personal data is.

1
0
Anonymous Coward

loss of sensitive personal data

Hang on, so if a Royal Mail employee loses the forms after opening them, the DWP data controllers are responsible - but if Royal Mail lose it some time between the letter box and the sorting office, that's not an issue? Wouldn't you therefore explain every lost form as never having arrived, so there is no loss of sensitive personal data and no-one is responsible for a loss that didn't happen?

1
0
Anonymous Coward

Terms and Conditions accepting

If the 'using 3rd-parties to process personal data' bit is included in the provacy policy (stating what info is processed by whom) and the terms and conditions of using the service state that personal data will be handling as per the privacy policy, and the user explicitly accepts the terms then surely they have explicity given permission for the processing to be outsourced (as per the privacy policy).

In practice this will mean you either use the service as is, or don;t use the service - I can't see any organisation setting up 2 processes with one 'internal' and one outsourced giving the user the ability to chose which one they want to use. Not going to happen.

0
5
FAIL

Re: Terms and Conditions accepting

"In practice this will mean you either use the service as is, or don;t use the service"

Oh, so the answer (in this case) is not to use the NHS!?! Think again Moriarty!

2
0
Silver badge

Re: Terms and Conditions accepting

Quite right: there's a fundamental problem that you can't give informed consent if you don't have any alternative option because the provider is a monopolist.

But as all the DP legislation is just bureaucratic claptrap such trvialities won't matter. And in this case DWP and the Post Office can happily continue their Alliance of Useless Monopolists Playing Fast And Loose With Your Data. AUMPFALWYD for short (and coincidentally Welsh for hedgehog).

1
0
Anonymous Coward

Re: Terms and Conditions accepting

Obviously you can't not use the NHS - but what happens if you say 'I don't want my info being processed by a 3rd-party"? Do you think the NHS will set up a special team, system and process just for you? As I said it isn't going to happen. The current interpretation is that explicit consent is not required, and that is how it will stay.

I'm not saying I like it - I'm just being realistic about it.

0
0
Facepalm

Welsh for hedgehog

thats "draenog" surely?

ho ho ho :)

0
0
Anonymous Coward

ICO toothless pointless and usually feckless

As with almost any 'debate' that involves the ICO, you're left wondering why anyone would think they are the last word in protecting personal data. I'd have to struggle to recall a single incident in which the ICO's involvment yeilded a useful outcome. It's a bit like the ancient Greeks watching the gods battle over the earth; the process affects you, but it never appears to be in anyway about your interests.

If Royal Mail can't manage the simple task of delivering a credit/debit card to me with any regularity, without "losing" it or delivering it to several other houses first, I'm very unlikely to trust them to do much else, least of all process my sensitive data.

But then, what the fuck does it have to do with me? Like most other things concerning business or government in the UK, it's NEVER about us.

0
0
This topic is closed for new posts.

Forums