« Commission acts on a deficient UK Data Protection Act - at last | Main | Body scanner Code of Practice still defective »



Feed You can follow this conversation by subscribing to the comment feed for this post.

I'm FOI Officer for a county council. When we receive requests of the "email addresses and contact details for your head of Finance, head of IT, etc." we always ask the affected employees if they would like us to issue a s10 (DPA) notice on their behalf. Usually they say yes, as they don't want to be spammed with emails/tel. calls from companies trying to sell them stuff. So, when we send the response, we attach a s10 notice, addressed to the requestor, advising them that the individuals within the response are objecting to their personal data being used for marketing. Seems to work, as we've never had a colleague subsequently tell us that they've received marketing as a result of the disclosure.

The comments to this entry are closed.

All materials on this website are the copyright of Amberhawk Training Limited, except where otherwise stated. If you want to use the information on the blog, all we ask is that you do so in an attributable manner.