PL&B UK E-news, Issue 42
- Identity thieves target Network Rail
- ICO publishes guidance about employee references
- Information Commissioner resolves DP/FoI tension and orders disclosure of MPs expenses
- Jersey’s New Data Protection Law now implemented
- Northumbria University offers new course in Information Rights
1. Identity thieves target Network Rail
One in seven workers employed by Network Rail had their identities stolen recently in one of the most costly cases of identity theft ever seen in Britain. Network Rail’s Chief Executive John Armitt wrote to the company’s 30,000 employees assuring them that they would not be held responsible for any financial losses related to the fraud. Investigators have said that criminal gangs are responsible. Insider help is suspected.
2. ICO publishes guidance about employee references
The Information Commissioner’s Office has produced a guide to help employers understand how the Data Protection Act applies to employee references. It is one of a series designed to make data protection simpler.
It says that in most cases individuals have a right to a copy of information held about them. If there is confidential information in a reference, however, then an exemption may apply.
For further info, see: www.ico.gov.uk.
3. Information Commissioner resolves DP/FoI tension and orders disclosure of MPs expenses
The Information Commissioner ordered the House of Commons to release MPs’ travel expenses after two similar appeals were determined by him on 22nd February under the Freedom of Information Act.
The complainants requested a breakdown of travel claims by individual MPs showing the amounts claimed on official business for travel by air, train, road, and one of the complainants also asked for claims made for travel by bicycle.
The House of Commons refused to release the information on the basis that it would contravene section 40(2) of the Act, which relates to personal information, where disclosure would contravene the principles of the Data Protection Act.
However, the Commissioner did not accept that the requested information would contravene the Data Protection Act if disclosed ruling that the information relates to individuals acting in an official, rather than a private capacity. Therefore, he ordered that the information be released within 30 days of the issue of his Decision Notice.
The full decision notice is available on the ICO website: www.ico.gov.uk.
4. Jersey’s New Data Protection Law now implemented
1st December 2005 was implementation date for the Data Protection (Jersey) Law 2005 which serves to bring Jersey in line with European Directive 95/46. The Law is almost a complete reflection of the UK Data Protection Act 1998, a move that was, according to the Data Protection Commissioner, Emma Martins, very deliberate.
She stated: “We have a large number of UK and Europe-wide businesses with offices and branches in Jersey. In making the pieces of legislation so similar, we have sought to ensure, so far as possible, that the cross-jurisdictional compliance requirements for those organisations is as manageable as possible”. But although similar, the Jersey Law is not identical and there are a number of notable differences, including an offence which could lead to a prison sentence.
There will be a more detailed report in the March/April edition of the PL&B UK Newsletter.
5. Northumbria University offers new course in Information Rights
Northumbria University, in conjunction with the Department for Constitutional Affairs, has recently developed a new Information Rights programme. The Postgraduate Diploma/LLM in Information Rights Law and Practice is the first postgraduate qualification designed to unravel the complexities of the Data Protection Act 1998, the Freedom of Information Act 2000, and the Environmental Information Regulations 2004, together with the common law duty of confidence and the right to privacy protected by the European Convention for the Protection of Human Rights and Fundamental Freedoms.
For further information contact Programme Leader Helen Morris: firstname.lastname@example.org.
Copyright Privacy Laws & Business 2006