Personal data in emails

Networking/Security Forums -> Anonymity // Privacy // Spam

Author: cantthinkofanickname PostPosted: Fri May 14, 2010 8:03 am    Post subject: Personal data in emails
    ----
We frequently send names and addresses of third parties in emails between our offices. We are in the UK.

Is this legal?

How can we protect such data (e.g. encrypt perhaps)?

We use an ISP webmail for emails but soon Exchange 2007 will be used to POP them.

Author: Fire AntLocation: London PostPosted: Fri May 14, 2010 8:50 am    Post subject:
    ----
It is certainly legal if people agreed that you could share their information or if it is contractually required e.g. you are reselling a product. If you are sharing personal information then you should be registered as a data controller so people can find out what information you hold on them and for what purpose (http://www.ico.gov.uk/tools_and_resources/register_of_datacontrollers.aspx).

I would certainly get familiar with the Data Protection Act - http://www.ico.gov.uk/what_we_cover/data_protection/your_legal_obligations.aspx

If you are going to be sending personal information it is best to secure it but that depends on your definition of personal information. IMO names and addresses do not constitute personal information as it is public information e.g. electoral role.

The DPA is a vast and complicated beast and there are lots of opinions one what you should do. I prefer to look at things ethically, if it was my information what would I expect you do to protect me and my information?

Fire Ant



Networking/Security Forums -> Anonymity // Privacy // Spam


output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Page 1 of 1

Powered by phpBB 2.0.x © 2001 phpBB Group