Data Protection

by Gladring 2 Replies latest jw friends

  • Gladring
    Gladring

    I just thought I'd share this information for anyone in Ireland. This is a quote from the website www.dataprotection.ie informing you of your rights.

    Under Section 3 of the Data Protection Acts, you have a right to find out, free of charge, if a person (an individual or an organisation) holds information about you. You also have a right to be given a description of the information and to be told the purpose(s) for holding your information.

    You must make the request in writing. The person must send you the information within 21 days.

    Under Section 4 of the Data Protection Acts, you also have a right to get a copy of your personal information. This applies to all types of information -for example, written details about you held electronically or on paper, photographs and CCTV images. You are also entitled to know where the information was obtained, how it has been used and if it has been passed on to anyone else. All you need do is write to the person or organisation holding the information. You need not quote the Data Protection Acts, but it is a good idea to do so. Your letter might read something like:

    Dear ...
    I wish to make an access request under the Data Protection Acts 1988 and 2003 for a copy of any information you keep about me, on computer or in manual form. I am making this request under section 4 of the Data Protection Acts.

    You should also include any additional details that would help to locate your information - for example, a customer account number or staff number. You may be asked for evidence of your identity. This is to make sure that personal information is not given to the wrong person. When requesting some types of record, such as credit history or Garda records, it may also be useful to provide a list of previous addresses, previous names and your date of birth. You may be asked to pay a fee, but this cannot exceed €6.35.

    Once you have made your request, and paid any appropriate fee, you must be given the information within 40 days (most organisations manage to reply much sooner).

    I would be interested if anyone has experiences with this or similar law in other countries.

  • kurtbethel
    kurtbethel

    The US needs a provision like that, and especially an identity theft protection act. Entities collect data, usually for legitimate reasons, but it is a responsibility that they manage the data so that it does not cause the subject of their records to come to harm. US legislators have been very busy rubber stamping the collection of data by spy agencies while refusing to address the identity theft caused by mismanaged data that has been a problem for over 15 years.

  • MissingLink
    MissingLink

    Because the USA does not provide such protection - section 11 is especially interesting:

    11. Restriction on transfer of personal data outside State

    11(1) The transfer of personal data by a data controller to a country or territory outside the European Economic Area may not take place unless that country or territory ensures an adequate level of protection for the privacy and the fundamental rights and freedoms of data subjects in relation to the processing of personal data having regard to all the circum-stances surrounding the transfer and, in particular but without prejudice to the generality of the foregoing, to...


    So it would seem they should not be able to notify Brooklyn HQ of your details. But it looks like you might have to request a "Prohibition Notice" from the data protection commissioner.

    I'll chat with you tomorrow about your situation.

    BTW - I believe all member states of the EU must provide similar protection, although the details may differ. Can anyone confirm?

Share this

Google+
Pinterest
Reddit