Archive for the ‘Legal’ Category

« Older Entries
Newer Entries »

Are You A Data Controller?

January 22nd, 2010

email iconWell, go on then, are you??

This may come as a shock but if you have a marketing list (which you should have, at the very least, started if you are an Internet Marketer) and dictate the purpose of  use of said list, then you are a Data Controller! OMG!

This post is subject to my usual disclaimer of IANAL (I Am Not A Lawyer!) and the contents of this post cannot and may not be construed as legal advice.

A data Controller is defined by the Information Commissioner’s Office as;

a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed.“[1]

Okay, yeah, but, well , like..what’s personal data then? Good question, well asked. The ICO, under Key Definitions of the Data Protection Act, defines personal data as….

Personal data means data which relate to a living individual who can be identified –

(a) from those data, or
(b) from those data and other information which is in the possession of, or is likely to come into the possession of, the data controller,

and includes any expression of opinion about the individual and any indication of the intentions of the data controller or any other person in respect of the individual.“[2]

Whoah that was little bit over my head and slightly ruffled the quiff there John.   How exactly do we decide if a person can be identified?

Ah ha, I knew you would ask that question and clearly so did the ICO because they produced an informative booklet with the alluring title of  “Data Protection Technical Guidance – Determining what is personal data”. The booklet does exactly what it says on the tin, or rather, the cover, and defines personal data as……..

An individual is ‘identified’ if you have distinguished that individual from other members of a group. In most cases an individual’s name together with some other information will be sufficient to identify them.“[3]

And therein lies the problem. If you are collecting email addresses and a name (i.e. the usual sign up form) then you are, in effect, A DATA CONTROLLER.

Stay tuned (via RSS or Twitter) as my next post will cover the responsibilities of a Data Controller when applied to the Data Protection Act.

[1]  Data Controller

[2] Personal Data

[3] Identifiable

Regards

John


1 Comment »
« Older Entries
Newer Entries »
Twitter
Recent Posts
Archived Posts
Post Comments
Blog Sponsors

Click here to get Backend-income-secrets.com

multi profit website advert

MRR Membership

Interesting Blogs

Design and Grafix by John Chadwick --- Copyright © John-Chadwick.com. All Rights Reserved.