Off topic: DPA question
Roland Perry
lists at internetpolicyagency.com
Fri Jun 13 11:42:04 BST 2014
In article <aj3jp9p51vpsei2hc77didaab6l3a85qj9 at 4ax.com>, Marcus
Williamson <marcus at connectotel.com> writes
>Is a business email address considered "personal data" under the terms of the Data
>Protection Act (DPA)?
I discussed this at some length with the Commissioner (Elizabeth France
at the time) who was somewhat out on a limb with her view [which I
strongly agreed with] that what I'd call "obvious" email addresses like
roland at perry.co.uk were personal data!
Later reports from the Article 29 Working Party confirmed this, but some
(and especially USA-ian folks) still seem to be in denial about it
because they are extremely reluctant to adopt a position that some/many
email addresses are personal data and only appear to be prepared to
accept that all/none are, with a strong presumption that if they can
find just one that clearly isn't, then the answer is "none".
As for business email addresses, well if roland at perry.co.uk is a sole
trader, then of course it still is.
roland at internetpolicyagency.com is also personal data because I'm
immediately identifiable from that.
Where it starts getting tricky is whether a role address like
postmaster at internetpolicyagency.com is personal data, and I'd say it
still was if you can easily find other information confirming who the
postmaster (or ceo/sales/etc...) is.
--
Roland Perry
More information about the ukcrypto
mailing list