Reform Data Protection Legislation

Protection of personal data is areasonable aim, but the operation of the current law creates obstruction not protection.  At present many public and private organisations hide behind data protection legislation citing it as a reason for failing to provide adequate customer service two examples, there are many many others:

– My library will not allow me to know the books other members of the family have taken out in order to check and return them .

– My gas, phone and power utilities providers will only speak to the 'account holder'.

This is not protecting anyones' privacy it is obstructing the reasonable operation of household units.  At the very least there should be a requirement for any organisation believing the act forces them to implement the controls to allow people to 'opt out' of such 'protection' or nominate others who may access all the information involved.  

This would greatly reduce the cost of bureaucracy and wasted time.

Why is this idea important?

Protection of personal data is areasonable aim, but the operation of the current law creates obstruction not protection.  At present many public and private organisations hide behind data protection legislation citing it as a reason for failing to provide adequate customer service two examples, there are many many others:

– My library will not allow me to know the books other members of the family have taken out in order to check and return them .

– My gas, phone and power utilities providers will only speak to the 'account holder'.

This is not protecting anyones' privacy it is obstructing the reasonable operation of household units.  At the very least there should be a requirement for any organisation believing the act forces them to implement the controls to allow people to 'opt out' of such 'protection' or nominate others who may access all the information involved.  

This would greatly reduce the cost of bureaucracy and wasted time.

Reduce “data protection” restrictions

My wife prefers me to deal with her tax and pension affairs.  Even though she's already given the authorities permission for me to deal on her behalf, they continue to ask to speak to her in person so that she can answer "security questions"  — questions which I could just as easily answer.

We can do everything in writing, with me writing the letters and my wife signing them.  But we are being encouraged to use the telephone, so can we not find an arrangement that will allow spouses to deal with their spouses affairs without having to have the other party available to speak on the phone?

Why is this idea important?

My wife prefers me to deal with her tax and pension affairs.  Even though she's already given the authorities permission for me to deal on her behalf, they continue to ask to speak to her in person so that she can answer "security questions"  — questions which I could just as easily answer.

We can do everything in writing, with me writing the letters and my wife signing them.  But we are being encouraged to use the telephone, so can we not find an arrangement that will allow spouses to deal with their spouses affairs without having to have the other party available to speak on the phone?

Simplify & Tweak the Data Protection Act

The Data Protection act needs tweaking / simplifying because various organisation in the public & private sector seem to be using it as an excuse to make things more difficult than they need to be, such as:

– Updating / Cancelling / Changing a service (e.g. Broadband package, etc) on behalf of a disabled or elderly relative who can't do so themselves because of physical or pyschological reasons (e.g. can't use the phone because they're deaf and still can't hear via their hearing aid… or like me have speech difficulties), with the numpty in the call centre insisting they can only deal with the person the call is being made on behalf of. In some cases these could be a simple 5-10minute job via a secure internet connection if only the organisation in question would provide it but don't citing the Data Protection act as an excuse.

 

– Arranging to repay government benefits on behalf of a disabled or elderly relative, such as recently when the benefits agency decided they'd over-paid my Grandma (who'll be 95 later this month) while she'd been stuck in hospital for several weeks and my Dad was trying to organise repaying it (seeing as she's deaf), only for it to be made more complicated (with, yet again, the Data Protection act used as an excuse).

Why is this idea important?

The Data Protection act needs tweaking / simplifying because various organisation in the public & private sector seem to be using it as an excuse to make things more difficult than they need to be, such as:

– Updating / Cancelling / Changing a service (e.g. Broadband package, etc) on behalf of a disabled or elderly relative who can't do so themselves because of physical or pyschological reasons (e.g. can't use the phone because they're deaf and still can't hear via their hearing aid… or like me have speech difficulties), with the numpty in the call centre insisting they can only deal with the person the call is being made on behalf of. In some cases these could be a simple 5-10minute job via a secure internet connection if only the organisation in question would provide it but don't citing the Data Protection act as an excuse.

 

– Arranging to repay government benefits on behalf of a disabled or elderly relative, such as recently when the benefits agency decided they'd over-paid my Grandma (who'll be 95 later this month) while she'd been stuck in hospital for several weeks and my Dad was trying to organise repaying it (seeing as she's deaf), only for it to be made more complicated (with, yet again, the Data Protection act used as an excuse).

Change the PCI DSS Compliance regulations

For small businesses like mine the annual PCI DSS compliance review is just unnecessary red tape. Although I accept that there needs to be legislation in place to protect card details, this could be served by a simple set of standards, rules and guidelines that all businesses must follow.

We don't keep any card details, other than keeping the merchant copy of a transaction slip for six months before shredding them, so why should I have to complete a lengthy questionnaire every year? If our card handling system has been found compliant, why do I have to apply for verification of compliance every year? Why not just make it necessary for me to report any changes? Yet again this appears to be a regulation where we have to confirm how we are doing something so that someone else can decide we are doing nothing wrong. It just seems like another job creation scheme.

Why is this idea important?

For small businesses like mine the annual PCI DSS compliance review is just unnecessary red tape. Although I accept that there needs to be legislation in place to protect card details, this could be served by a simple set of standards, rules and guidelines that all businesses must follow.

We don't keep any card details, other than keeping the merchant copy of a transaction slip for six months before shredding them, so why should I have to complete a lengthy questionnaire every year? If our card handling system has been found compliant, why do I have to apply for verification of compliance every year? Why not just make it necessary for me to report any changes? Yet again this appears to be a regulation where we have to confirm how we are doing something so that someone else can decide we are doing nothing wrong. It just seems like another job creation scheme.

Data protection – outlaw the trading of personal data for gain

The sale of personal data has become commonplace in recent times and that data is being used (abused) by those who are buying and those who are selling. As a result, there is a swingeing increase in those who are greatly motivated by greed to exploit the fact that, inadvertently or otherwise, they are in possession of information that could be traded.

My name, my address and any other detail pertinent to me is pertinent to me alone. If that information is of any consequence to any other person – whether for profit or not – it is not to be traded under any circumstances.

One classic example of traded data relates to circumstances where a civil liability might be incurred, e.g. a motor accident. There is scarcely any physical damage to the vehicles involved and yet, 'claims farmers', unscrupulous solicitors, accident management companies, vehicle repairers, engineers or anybody involved in the process will have personal details of the parties involved in the accident; details which have a trading value to others who can exploit the civil litigation system – not in the name of justice and fair play but in the name of personal greed with little regard for the possible consequences of their activity. Watch TV during any advertisement break and bear witness to a myriad of traders (mostly illegitimate) who are seeking to make money from the 'victims' of the accident most of whom never suffered injury in the first instance but who are ready and willing to perjure themselves for the promise of a crock of gold.

Outlaw the trading of personal data and rid the country of a litigious nation whose primary motivation in life is "Something for nothing" 

Why is this idea important?

The sale of personal data has become commonplace in recent times and that data is being used (abused) by those who are buying and those who are selling. As a result, there is a swingeing increase in those who are greatly motivated by greed to exploit the fact that, inadvertently or otherwise, they are in possession of information that could be traded.

My name, my address and any other detail pertinent to me is pertinent to me alone. If that information is of any consequence to any other person – whether for profit or not – it is not to be traded under any circumstances.

One classic example of traded data relates to circumstances where a civil liability might be incurred, e.g. a motor accident. There is scarcely any physical damage to the vehicles involved and yet, 'claims farmers', unscrupulous solicitors, accident management companies, vehicle repairers, engineers or anybody involved in the process will have personal details of the parties involved in the accident; details which have a trading value to others who can exploit the civil litigation system – not in the name of justice and fair play but in the name of personal greed with little regard for the possible consequences of their activity. Watch TV during any advertisement break and bear witness to a myriad of traders (mostly illegitimate) who are seeking to make money from the 'victims' of the accident most of whom never suffered injury in the first instance but who are ready and willing to perjure themselves for the promise of a crock of gold.

Outlaw the trading of personal data and rid the country of a litigious nation whose primary motivation in life is "Something for nothing" 

Implementation of Money Laundering Regulations

Any law abiding person recognises the need for Money Laundering Regulations;  the way they are implemented by many organisations leads to a loss of personal freedom and serious risk of Identity Theft.

Nearly everyone seems to need either a driving licence or passport to verify one's identity  against money laundering.  I live in Northern Ireland, and take exception to having to post my passport to England for two reasons

  1. The risk of it being lost in the post and my identity being compromised
  2. Whilst it is away I cannot travel, by air, to England where I have family because a passport is required to board a plane.

Posting away a driving licence is potentially worse – the identity theft risks are similar but if one's passport is away one may be unable to produce it to the police in the 5 days required in NI, hence limiting one's ability to drive

Please can we have the regulations set so that law abiding people are not inconvenienced or identites risked

Why is this idea important?

Any law abiding person recognises the need for Money Laundering Regulations;  the way they are implemented by many organisations leads to a loss of personal freedom and serious risk of Identity Theft.

Nearly everyone seems to need either a driving licence or passport to verify one's identity  against money laundering.  I live in Northern Ireland, and take exception to having to post my passport to England for two reasons

  1. The risk of it being lost in the post and my identity being compromised
  2. Whilst it is away I cannot travel, by air, to England where I have family because a passport is required to board a plane.

Posting away a driving licence is potentially worse – the identity theft risks are similar but if one's passport is away one may be unable to produce it to the police in the 5 days required in NI, hence limiting one's ability to drive

Please can we have the regulations set so that law abiding people are not inconvenienced or identites risked

Data Protection Act

This is going rather to far now, when you ring up about your own account, water, council tax, bank et c, and all you want is to ask a question not change anything, they say they have to go through the procedure, because of Data protection, but you only want to know something, and unless you answer all the security questions they will not talk to you.  it is like getting into GCHQ!

Also sometimes the bank rings you up asking you details, I say to them how do I know you are from the bank they say, if they give me a phone number then I can ring it and check, but anyone can use any number knowing you are going to ring to check will answer as a bank, I have said I will not talk to them, if they have something to say to me then they need to write, it has to work both ways, if they are strict then you have to be strick, when I say that they do not have an answer, maybe they should have some questions that we can ask to make sure it is them. I feel this also needs to be looked at.

Why is this idea important?

This is going rather to far now, when you ring up about your own account, water, council tax, bank et c, and all you want is to ask a question not change anything, they say they have to go through the procedure, because of Data protection, but you only want to know something, and unless you answer all the security questions they will not talk to you.  it is like getting into GCHQ!

Also sometimes the bank rings you up asking you details, I say to them how do I know you are from the bank they say, if they give me a phone number then I can ring it and check, but anyone can use any number knowing you are going to ring to check will answer as a bank, I have said I will not talk to them, if they have something to say to me then they need to write, it has to work both ways, if they are strict then you have to be strick, when I say that they do not have an answer, maybe they should have some questions that we can ask to make sure it is them. I feel this also needs to be looked at.

Decentralise passports for expats back to local embassies

British expats abroad are now being forced to renew their passports centrally in Düsseldorf. Like almost every other country in the world, I would like to see this return to local embassies and no longer be centralised in Germany.

Why is this idea important?

British expats abroad are now being forced to renew their passports centrally in Düsseldorf. Like almost every other country in the world, I would like to see this return to local embassies and no longer be centralised in Germany.

Requirement for Retailers of TV Equipment to collect personal data, under the Wireless Telegraphy Act 1967 (as amended)

Today I bought a Freeview box as a gift for my sister in law. When paying for the item I was informed that I was required by law to provide the name and address of the property where the item was to be used. I was unhappy about this, as 1) It is not my property and 2) I would not necessarily be happy that a retailer's information was handled sufficently securely and subject to the safeguards under the Data Protection Act. I therefore protested and was informed that they would not be able to sell me the item, on pain of a personal fine to the person who sold me the equipment.

 

This seems to stem from the Wireless Telegraphy Act 1967 (as amended). It seems to me a wholly unneccessary law, given that we already have a TV Licensing Authority, whose job it is to administrate the database – not that of electrical retailers!

Why is this idea important?

Today I bought a Freeview box as a gift for my sister in law. When paying for the item I was informed that I was required by law to provide the name and address of the property where the item was to be used. I was unhappy about this, as 1) It is not my property and 2) I would not necessarily be happy that a retailer's information was handled sufficently securely and subject to the safeguards under the Data Protection Act. I therefore protested and was informed that they would not be able to sell me the item, on pain of a personal fine to the person who sold me the equipment.

 

This seems to stem from the Wireless Telegraphy Act 1967 (as amended). It seems to me a wholly unneccessary law, given that we already have a TV Licensing Authority, whose job it is to administrate the database – not that of electrical retailers!

Should all government data on citizens be controlled by independent trusts? And to whom would they be answerable?

Just wondering on this, but the more storage we get, inevitably the more data the government holds will increase. Computers were supposed to reduce paperwork, they increased it due to data.

The more data the government holds the more capacity, power and potential corruption therein they have to start abusing it. Should the control of what requests in their various contexts are acceptable and what not, lie with the system, or should it be independently controlled?

Trusts can be used to monitor which types of data requests are asked (by polticians, police, insurance companies), of whom and why. Police are already known to use anti terror requests to identify comparatively petty criminals, showing that (through the abuse of power) they can be no more trusted with data than said criminals.

As we have more data over time over more issues, I propose that the data is pulled away from the people that can unaccountably use that data to trusts that are accountable. Once appointed, they could appoint new members keeping themselves independent. But to whom should the trusts be accountable? The people via votes, other data trusts, or the politicians they are supposed to regulate?

Why is this idea important?

Just wondering on this, but the more storage we get, inevitably the more data the government holds will increase. Computers were supposed to reduce paperwork, they increased it due to data.

The more data the government holds the more capacity, power and potential corruption therein they have to start abusing it. Should the control of what requests in their various contexts are acceptable and what not, lie with the system, or should it be independently controlled?

Trusts can be used to monitor which types of data requests are asked (by polticians, police, insurance companies), of whom and why. Police are already known to use anti terror requests to identify comparatively petty criminals, showing that (through the abuse of power) they can be no more trusted with data than said criminals.

As we have more data over time over more issues, I propose that the data is pulled away from the people that can unaccountably use that data to trusts that are accountable. Once appointed, they could appoint new members keeping themselves independent. But to whom should the trusts be accountable? The people via votes, other data trusts, or the politicians they are supposed to regulate?

Remove Credit Reference Agencies Right to a Persons information without our permission

Credit Reference Agencies seem to think it is their moral duty to have information concerning us,without care or concern they add data to your file and without your permision,they can collate references without your knowledge and they keep this data which may hold  information which is untrue  or incorrect,they also charge you for  the privelage to see what they hold,this charge must be removed and be free so we can check wether or not it is correct and factual,for too long banks have had the upper hand in trashing your information and this does affect you for years to come,

if the information is in dispute the CRA'S must inform you and your right to reply must be added to the information gathered it also must  be compulsary for these agancies to  send you a copy of the information before they enter it onto their books,if it is factual then this is fair but if it involves a default coming from anyone you must be able to dispute this and they must never accept any information from DEBT COLLECTION AGENTS who will trash your files for years to come and not just the six years as you imagine but it can go on every 5 years and 11 months thereafter,in other words you have no say….the time has come where you are able now to charge the CRA'S with data that is untrue and we should be allowed legal aid free to prosecute the companies involved

Why is this idea important?

Credit Reference Agencies seem to think it is their moral duty to have information concerning us,without care or concern they add data to your file and without your permision,they can collate references without your knowledge and they keep this data which may hold  information which is untrue  or incorrect,they also charge you for  the privelage to see what they hold,this charge must be removed and be free so we can check wether or not it is correct and factual,for too long banks have had the upper hand in trashing your information and this does affect you for years to come,

if the information is in dispute the CRA'S must inform you and your right to reply must be added to the information gathered it also must  be compulsary for these agancies to  send you a copy of the information before they enter it onto their books,if it is factual then this is fair but if it involves a default coming from anyone you must be able to dispute this and they must never accept any information from DEBT COLLECTION AGENTS who will trash your files for years to come and not just the six years as you imagine but it can go on every 5 years and 11 months thereafter,in other words you have no say….the time has come where you are able now to charge the CRA'S with data that is untrue and we should be allowed legal aid free to prosecute the companies involved

humans rights for the public

I have to be honest I'm been arrested on several times and my DNA have been taken but I've not been charged but I found out that my DNA hasn't been distroyed but kept on the national police DNA systems, which I find is a breach of my human rights, Also whilst on the conversation of national Police system, that if a person had been arrested on an offence but later found out either the person is innocent or wrongly arrested, the arrest is still on the system and when or if that person is stopped, the officer does an check on that person, there radio's are so loud that others in the public eye can over hear that persons arrest previously convictions, and they mis understand the person/person's arrest record and they gets pushed aside. Theis is a serious breach of data protection act.

Why is this idea important?

I have to be honest I'm been arrested on several times and my DNA have been taken but I've not been charged but I found out that my DNA hasn't been distroyed but kept on the national police DNA systems, which I find is a breach of my human rights, Also whilst on the conversation of national Police system, that if a person had been arrested on an offence but later found out either the person is innocent or wrongly arrested, the arrest is still on the system and when or if that person is stopped, the officer does an check on that person, there radio's are so loud that others in the public eye can over hear that persons arrest previously convictions, and they mis understand the person/person's arrest record and they gets pushed aside. Theis is a serious breach of data protection act.

TRANSFER OF INFORMATION BETWEEN GOVT DEPTS

I would like to see a ban on the transfer of private details between Govt Departments.

Why shoul HM Tax ,transfer my details to Dept of Social Security, on a disc, which could be lost containing my private details.

Both departments should have there own copy of my records.

Why is this idea important?

I would like to see a ban on the transfer of private details between Govt Departments.

Why shoul HM Tax ,transfer my details to Dept of Social Security, on a disc, which could be lost containing my private details.

Both departments should have there own copy of my records.

Data Protection Act

I have just tried to pay our water bill over the phone. I own this home jointly with my husband but because my name is not on the water bill the staff at the water company would not let me pay the bill. Even though we have been married for 25 years.

Get rid of this stupid Data Protection Act.

 

 

Why is this idea important?

I have just tried to pay our water bill over the phone. I own this home jointly with my husband but because my name is not on the water bill the staff at the water company would not let me pay the bill. Even though we have been married for 25 years.

Get rid of this stupid Data Protection Act.

 

 

Stop government databases taking personal information without consent

The Justice and Coroner's Act 2009 amended the Data Protection Act to allow the free exchange of information across databases. There is supposed to be a code of practice about sharing information, but there are no penalties for violating the code.

It is a gross invasion of privacy to know that personal information submitted to one state organisation can be legally taken without consent by another state organisation. This is exactly how Contactpoint came about – personal information on pupils and parents held by schools was uploaded without consent to a central government database. 

Similarly personal information held by schools on teachers is sent out without consent to a central government database under the guise of a 'teacher census'.

Why is this idea important?

The Justice and Coroner's Act 2009 amended the Data Protection Act to allow the free exchange of information across databases. There is supposed to be a code of practice about sharing information, but there are no penalties for violating the code.

It is a gross invasion of privacy to know that personal information submitted to one state organisation can be legally taken without consent by another state organisation. This is exactly how Contactpoint came about – personal information on pupils and parents held by schools was uploaded without consent to a central government database. 

Similarly personal information held by schools on teachers is sent out without consent to a central government database under the guise of a 'teacher census'.

Scandalous

No one should be allowed to sell pass or give anyone's personal information to any other person, peoples, companies or any other bodies of any description. The clue is in the word PERSONAL.

Why is this idea important?

No one should be allowed to sell pass or give anyone's personal information to any other person, peoples, companies or any other bodies of any description. The clue is in the word PERSONAL.

Stop DVLA from selling Personal Data

The DVLA should not be allowed to sell driver's name and address details to private companies. 

This should apply to ALL Government department or how long will it be before health records are being sold to drug companies or insurance companies?

Why is this idea important?

The DVLA should not be allowed to sell driver's name and address details to private companies. 

This should apply to ALL Government department or how long will it be before health records are being sold to drug companies or insurance companies?

Health care workers (Duty of Co-operation) Regulations 2010

Stop these unjust draft  regulations from ever coming into effect! 

They are discriminatory against anyone who works in front line health care (on the grounds of occupational status), by permitting legalised defamation of character and removing current protection afforded by the Data Protection Act. Under these regulations even unsubstantiated and malicious allegations must be kept on record long term- even indefinitely, and shared with other potential employers, professional bodies etc.

This is grossly unfair and potentially turns a vocation to care for others into a curse!

What hope for improved 'whistle-blowing' rights if highly dedicated professionals may be persecuted in this way by vindictive managers/ employers who are never held to account for the damage they  inflict upon standards of care?

Apparently these repugnant regulations are still under consultation on the Department of Health's website until July 9. For heaven's sake, why?

Katherine Guellard Registered Nurse

Why is this idea important?

Stop these unjust draft  regulations from ever coming into effect! 

They are discriminatory against anyone who works in front line health care (on the grounds of occupational status), by permitting legalised defamation of character and removing current protection afforded by the Data Protection Act. Under these regulations even unsubstantiated and malicious allegations must be kept on record long term- even indefinitely, and shared with other potential employers, professional bodies etc.

This is grossly unfair and potentially turns a vocation to care for others into a curse!

What hope for improved 'whistle-blowing' rights if highly dedicated professionals may be persecuted in this way by vindictive managers/ employers who are never held to account for the damage they  inflict upon standards of care?

Apparently these repugnant regulations are still under consultation on the Department of Health's website until July 9. For heaven's sake, why?

Katherine Guellard Registered Nurse

Scrap Section 11 of the DPA

Section 11(1) of the Data Protection Act 1998 grants an individual the right to ask an organisation to cease processing their personal data for direct marketing purposes. So if a company is sending you marketing by e-mail or post, then by sending them a Section 11 notice they have a legal obligation to comply. However, many well known companies have failed to comply with a Section 11 notice.

Section 11(2) of the Data Protection Act 1998 grants an individual the right to seek a court order against any organisation that fails to comply with Section 11(1). But it's up to the individual to submit the court order. And bearing in mind that such a court order – a claim for Specific Performance, will follow the the multi-track court system, is it no wonder that no one has used it? It's too expensive!

Section 11(2) should be scrapped – because it shouldn't be up to the individual to have to go through the process of a fairly serious court case just to get an organistion to comply with Section 11(1). Section 11(2) should be scrapped and replaced with an authorisation for the Information Commissioner's Office to prosecute any organsation that contravenes Section 11(1).

Why is this idea important?

Section 11(1) of the Data Protection Act 1998 grants an individual the right to ask an organisation to cease processing their personal data for direct marketing purposes. So if a company is sending you marketing by e-mail or post, then by sending them a Section 11 notice they have a legal obligation to comply. However, many well known companies have failed to comply with a Section 11 notice.

Section 11(2) of the Data Protection Act 1998 grants an individual the right to seek a court order against any organisation that fails to comply with Section 11(1). But it's up to the individual to submit the court order. And bearing in mind that such a court order – a claim for Specific Performance, will follow the the multi-track court system, is it no wonder that no one has used it? It's too expensive!

Section 11(2) should be scrapped – because it shouldn't be up to the individual to have to go through the process of a fairly serious court case just to get an organistion to comply with Section 11(1). Section 11(2) should be scrapped and replaced with an authorisation for the Information Commissioner's Office to prosecute any organsation that contravenes Section 11(1).

DVLA and Data protection

The selling of personal details to commercial organisations is morally wrong and despite rulings to the contrary should be a breach of the data protection act. These  details should only be released to the police or local authorities for the detection or prevention of crime.

Why is this idea important?

The selling of personal details to commercial organisations is morally wrong and despite rulings to the contrary should be a breach of the data protection act. These  details should only be released to the police or local authorities for the detection or prevention of crime.

Remove innocent people from the DNA Data Base

The names and personal details, together with photographs, fingerprints and DNA samples should immediately be removed by the police when a person is not charged with an offence. The current police discretion, or lack of it, in such matters is shameful. George Orwell got the date wrong: it shouldn't have been 1984 but the 21st century.

Why is this idea important?

The names and personal details, together with photographs, fingerprints and DNA samples should immediately be removed by the police when a person is not charged with an offence. The current police discretion, or lack of it, in such matters is shameful. George Orwell got the date wrong: it shouldn't have been 1984 but the 21st century.

2011 census form

The 2011 census form devised by Labour has been described as a snooper's charter.  I would like to see the Coalition modify these forms to remove intrusive and personal questions that the State has no right to know, and to go back to the more basic essential questions that you would expect from a census form.

Why is this idea important?

The 2011 census form devised by Labour has been described as a snooper's charter.  I would like to see the Coalition modify these forms to remove intrusive and personal questions that the State has no right to know, and to go back to the more basic essential questions that you would expect from a census form.