Data Protection in the UK? 24
Graham Moore asks: "I am getting really concerned about where my personal information goes nowadays. In the last two weeks I have read two news articles here in the UK that talk about call centers and other agencies being set up in India that will transparently deal with customers from the UK (see the this article from The Register). On the UK mainland we have the Data Protection Act to fall back on if we believe the data is knowingly being misused or we wish to see what is stored about us. I suspect that once off of the UK mainland our details can be used or abused unhindered. I have contacted my MP, Melanie Johnson, who is also the Minister for Consumer Affairs, and have not yet had a response. Am I worrying about this unnecessarily or should we all start to get very concerned?"
The EU is pretty tough with other countries (Score:4, Informative)
A lot of US companies were upset about this, as was the federal government, but I think the US ended up enacting laws that mirror the EU to ease tensions. Anyone has info on this?
UK Company (Score:2, Interesting)
If the call is advertised as ending overseas then I don't think there is much you can do about it.
Re:UK Company (Score:3, Interesting)
The contract you signed with them probably had some small print to the effect that they can use your data in accordance with doing business with you (or on your behalf). Yes, that *might* contravene the Data Protection Act, but would you be prepared to argue that in court? Could easily go either way.
Re:UK Company (Score:1)
People naturally assume you are UK based if you are British (with a slight londoner accent!) when calling a british company.
That has now changed - they are allowed to tell cutomers their location.
There is a way out... (Score:1)
A few years ago the UK signed up to the EU convention on human rights. If any person who is asked this question does not wish to answer it and suffers as a result I believe they have grounds for legal action.
Re:There is a way out... (Score:1)
When was the last time this class of ID was needed to open a bank account?
Interesting dichotomy. (Score:1, Interesting)
Perhaps the answer here is this: Make Palladium/TCPA mandatory--but also make individual's personal information subject to the same sort of DRM. If I apply for credit, for example, the information I submit should be unable to be copied, forwarded, printed, or viewed except as I authorise. Similarly, my medical records at the hospital should be unable to be forwarded to anyone except the portions I designated that my insurer would have access to.
False dichotomy. (Score:4, Interesting)
Another issue is the fact that there is no reason I should have to purchase a CD without having been able to listen to it beforehand to determine whether or not it's worth the price, especially since it cannot be returned or exchanged for another one after being purchased. But that doesn't really have anything to do with your suggestion.
Your suggestion about applying DRM-style limitations to consumer personal data is an interesting idea, however the notion that Palladium would aid us is rather disturbing, and I have a hard time even rationalizing it.
Re:the uk? (Score:1)
Tim Berners-Lee [w3.org] - invented the web
Alan Turing [turing.org.uk] - pioneer in computing
Stephen Hawking [hawking.org.uk] - international physics genius
Not lessening the acheivements of the USA, but get some world perspective! This is exactly why so many Brits get pissed at so many Americans.
And Einstein (German) had a reasonably large involvement in the development of atom bomb physics.
Foreign call centres are already commonplace (Score:2, Interesting)
to some foreign country is already common in the UK (Yes, I live in
the UK) and has been for years.
I called Iomega technical support a few years ago to get a free
replacement when one of my ZIP disks died. The telephone number I
dialed was a UK one, so I was quite surprised when I found the person
who answered had a very strong German accent. I asked where she was,
and she told me the call centre she was working in was in Ireland!
Now I know in this case the call wasn't going very far from the UK,
but it just as easily could have been. As for what this means for data
protection law, I couldn't even guess. IANAL.
Guardion report. (Score:4, Informative)
its all a sham - there is no protection (Score:1, Informative)
If a company is found to be in breach of the Data Protection Act there is no "comeback". They simply get wrapped on the knuckles and are told to sort the matter out as soon as possible. There is no penalty, and no penalty if they DON'T sort the matter out.
Be afraid. be very afraid.
Re:its all a sham - there is no protection (Score:1)
The British love regulation for regulation's sake, but always back off when it comes to enforcement. That's why the DTI is known as the Department of Timidity and Inaction.
Data export (Score:2, Informative)
Depends how cynical... (Score:3, Informative)
But first they must leave the mainland, and that is where the breach of the Act would occur.
An analogous situation - I do work in London for a Swiss bank. Some of the processing involves trading counterparty data, but under Swiss law it is illegal to export this data to the UK. As a result, we get obfuscated data that is meaningless to us, but which the Swiss office can decode back into meaningful counterparties. In other words, the UK is complying with Swiss data laws.
Now, admittedly it's unlikely that the police are watching every internal FTP transfer. We could transfer real data. Doing so would be a crime however, so we don't. The same situation apply to India - whilst it's technically possible to transfer the data, doing so would be a breach of the law.
So...do you trust the company you're doing business with? If you do, then I would suggest that you have nothing to worry about. If you don't, well...
Cheers,
Ian
(I don't, by the way...)
It's the Information Commissioner you want (Score:3, Informative)
paranoia? (Score:1)