Picture from OneIS
A late night last Thursday due to attending an excellent talk by Professor Charles Oppenheim on information law. The event was the second in a series of talks organised by the wonderfully entrepreneurial information professional Jennifer Smith and sponsored by her OneIS company. Charles generously agreed to make his slides available on the One IS website
For his talk Charles cantered through a range of important and controversial topics, which was described as a chocolate box taster approach rather than an in depth analysis due to time constraints.
Having known Charles for many years I was already aware of his amazing ability – not only to bring what could be quite dry topics to life with amusing examples, but to explain really quite difficult subjects with clarity and brevity.
The topics covered were data protection, personal data, cloud computing, protecting your reputation online, disability discrimination, contracts and last, but by no means least, copyright.
This is a notoriously difficult and worrying topic for information professionals, and in fact anyone whole collects data about people in the United Kingdom. It all stems from the Data Protection Act of 1998, and covers information about individuals ranging from the innocuous to highly sensitive. One curious exception to its provenance is financial information, and we spent some time during the lengthy questions and answers session at the end pondering why this might be the case. My theory is that the UK banks recognised the law would have a disruptive impact on their activities, and used their considerable influence to ring-fence this area.
The Data Protection Act is based on the following eight principles, all of which have legal status (either civil or criminal), and is regulated by an Information Commissioner:
- Personal data must be obtained fairly, and for a bona fide purpose.
- It can only be used for one or more purpose, which must be clearly specified.
- The data obtained must be adequate, relevant and not excessive. Charles gave a wonderful example of a town council who included a question on chest size on their form for all new employees. The reason they asked the question was to help them keep their stocks of overalls correct for those staff who did ‘dirty jobs’, such as dustmen and women. However, when a secretary complained about the question the council (and the vast majority elsewhere in the country) were forced to change their policy.
- The data must be accurate and up to date (where relevant).
- It should not be kept for longer than necessary. (This led to a discussion of the recent news story about the UK police being forced to delete their DNA records of innocent civilians after six years, instead of keeping them forever).
- The data should be processed in accordance of the rights of individuals, who retain the right to sue for inaccurate information.
- It must be protected from loss, damage or destruction.
- It must not be transferred outside the European Economic Area. (This led to a discussion of Google and Amazon data servers which are based in the United States).
Charles then went on to give brief overviews of five more information law topics:
1. Cloud Computing – In particular the risks of exporting or storing data outside of the European Economic Area. Many organisations are not aware that by using Google or Amazon S3 servers their data is being stored in the United States, and so in breach of UK law.
2. Protecting your reputation online:
- This topic was about slander (temporary) and libel (published) where the reputation of an individual is harmed by false statements, to more than one ‘third’ party.
- It only applies if there is a reputation to be harmed. So saying Jeffrey Archer is a crook would not be libellous.
- An email to an individual is not libellous, but if it leaks out to others, then it becomes so.
- This is a particularly thorny topic due to the big differences in libel law between countries, in particular between the United States and the UK. We currently have the strictest libel laws in the world.
- Charles recommended regularly ‘Googling’ yourself to see what has been written about you online.
3. Disability discrimination – How you must make reasonable adjustments to cater for those with disabilities.
4. Contract law – This consists of five key elements. Offer and acceptance, consideration, intention to create legal relations, legal capacity and formalities. Charles reviewed the three levels of formality. 1. A verbal or email agreement (unlikely to accepted in court). 2. An email with a digital signature (generally accepted as binding). 3. An email with a signature and full encryption (full legal strength).
5. Copyright – Charles ended on this most complicated and controversial topic which led on to a lengthy question and answer session. He wanted to ensure we were all aware of the fact that just because content was freely available on the Internet, this did not mean it was not covered by copyright law. He recommended using sites such as Flickr which are covered under Creative Commons licences.