Slashdot Mirror

← Back to Stories (view on slashdot.org)

Data Protection in the UK?

Posted by Cliff on from the very-real-privacy-concerns dept.

Graham Moore asks: "I am getting really concerned about where my personal information goes nowadays. In the last two weeks I have read two news articles here in the UK that talk about call centers and other agencies being set up in India that will transparently deal with customers from the UK (see the this article from The Register). On the UK mainland we have the Data Protection Act to fall back on if we believe the data is knowingly being misused or we wish to see what is stored about us. I suspect that once off of the UK mainland our details can be used or abused unhindered. I have contacted my MP, Melanie Johnson, who is also the Minister for Consumer Affairs, and have not yet had a response. Am I worrying about this unnecessarily or should we all start to get very concerned?"

9 of 24 comments (clear)

  1. The EU is pretty tough with other countries by km790816 · · Score: 4, Informative

    I read this article about the EU stroing arming US companies to comply with EU privacy guidelines. I can't believe this wouldn't be the case for India as well.

    A lot of US companies were upset about this, as was the federal government, but I think the US ended up enacting laws that mirror the EU to ease tensions. Anyone has info on this?

    --
    A speech...
  2. UK Company by ThePilgrim · · Score: 2, Interesting

    If i've read this right, then a company with an office in the UK that is using offshore call centers with out telling you, especially if they get their call center staff to lie about their location, will either be guilty of a breach of the Data Protection act or fraud.

    If the call is advertised as ending overseas then I don't think there is much you can do about it.

    --
    Wouldn't it be nice if schools got all the money they wanted and the army had to hold jumble sales for guns
    1. Re:UK Company by stephend · · Score: 3, Interesting

      I'm doubt most companies would be that stupid. They wouldn't lie, they'd just obfuscate the truth...

      The contract you signed with them probably had some small print to the effect that they can use your data in accordance with doing business with you (or on your behalf). Yes, that *might* contravene the Data Protection Act, but would you be prepared to argue that in court? Could easily go either way.

  3. False dichotomy. by Anonymous Coward · · Score: 4, Interesting

    There's no dichotomy there. The root of both issues is that a person has the right to control their own property. If I go buy the latest Crap Band(TM) CD, that is now my property, and so I should really be able to do whatever I wish with it. Similarly, my own personal information is my own property unless I sell it to someone else. My doing business with someone does not give them the right to sell my personal information, much like I am not allowed to make thousands of copies of that Crap Band CD and sell them.

    Another issue is the fact that there is no reason I should have to purchase a CD without having been able to listen to it beforehand to determine whether or not it's worth the price, especially since it cannot be returned or exchanged for another one after being purchased. But that doesn't really have anything to do with your suggestion.

    Your suggestion about applying DRM-style limitations to consumer personal data is an interesting idea, however the notion that Palladium would aid us is rather disturbing, and I have a hard time even rationalizing it.

  4. Foreign call centres are already commonplace by SteWhite · · Score: 2, Interesting

    Hate to break this to you, but the practice of having the call routed
    to some foreign country is already common in the UK (Yes, I live in
    the UK) and has been for years.

    I called Iomega technical support a few years ago to get a free
    replacement when one of my ZIP disks died. The telephone number I
    dialed was a UK one, so I was quite surprised when I found the person
    who answered had a very strong German accent. I asked where she was,
    and she told me the call centre she was working in was in Ireland!

    Now I know in this case the call wasn't going very far from the UK,
    but it just as easily could have been. As for what this means for data
    protection law, I couldn't even guess. IANAL.

  5. Guardion report. by Troodon · · Score: 4, Informative

    Over a few weeks The Guardian covered, in a series of supplements, the current state of privacy in the UK: Big Brother, it may answer some of the questions you have.

    --
    troodon.net
  6. Data export by dpash · · Score: 2, Informative

    IIRC, If a company exports data to a country without eqivelent or better data protection laws they are committing an offence under the act. I can look up more information if you are interested.

  7. Depends how cynical... by mccalli · · Score: 3, Informative
    I suspect that once off of the UK mainland our details can be used or abused unhindered.

    But first they must leave the mainland, and that is where the breach of the Act would occur.

    An analogous situation - I do work in London for a Swiss bank. Some of the processing involves trading counterparty data, but under Swiss law it is illegal to export this data to the UK. As a result, we get obfuscated data that is meaningless to us, but which the Swiss office can decode back into meaningful counterparties. In other words, the UK is complying with Swiss data laws.

    Now, admittedly it's unlikely that the police are watching every internal FTP transfer. We could transfer real data. Doing so would be a crime however, so we don't. The same situation apply to India - whilst it's technically possible to transfer the data, doing so would be a breach of the law.

    So...do you trust the company you're doing business with? If you do, then I would suggest that you have nothing to worry about. If you don't, well...

    Cheers,
    Ian
    (I don't, by the way...)

  8. It's the Information Commissioner you want by rpjs · · Score: 3, Informative

    The Information Commissioner is the person to raise this with first, rather than your MP, even if she is a minister (or the cynical would say, especially if she is a minister...)