Human Rights Act, Privacy in the context of auditing Phil Huggins Chief Technologist, IRM PLC


1 Human Rights Act, Privacy in the context of email auditing Phil Huggins Chief Technologist, IRM PLC phil.huggins@irmplc.com

2 I AM NOT A LAWYER!! This is based on the best practices and advice I have received. You will need to get your own legal advice.

3 Legal Context for Privacy of Email
- Not “Interception of Communications”.
- Confidentiality
  - A common law concept
- Data Protection Act 1998
  - European Data Protection Directive
- Human Rights Act 1998
  - European Convention on Human Rights

4 Confidentiality
- Protects information where misuse would be “unconscionable”
- Does not protect trivial information
- Does not protect public domain information
- Does not protect information about a crime
- Traditionally applied to “professional” relationships:
  - Doctor/patient
  - Financial information
- Applies to dead people

5 Data Protection Act 1998
- Applies to all information
- Only applies to recorded information
- Protects living people only
- “..where monitoring goes beyond mere human observation and involves the collection, processing and storage of any personal data it must be done in a way that is both lawful and fair to workers.”
- Must conduct “impact assessment” for any monitoring.
- Employee consent is NOT required UNLESS the data to be monitored is “sensitive data” as described under the DPA.
- Covert monitoring requires authorisation at a “senior level” within the business.

6 Human Rights Act 1998
- Article 8 - Right to respect for private and family life
  1. Everyone has the right to respect for his private and family life, his home and his correspondence.
  2. There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others.

7 Article 8 in the Private Sector
- A v B & C (No.2) 2002
  - Married footballer attempting to prevent publication of details of an affair by a newspaper or through other media by the mistress
- Private sector organisations (probably) do not have to comply with Article 8 in their normal business.
- However, a court or an employment tribunal is a public authority and HRA Article 8 may well affect the admissibility of evidence

8 Conclusion
- Ensure all evidential material is gathered in a manner compliant with the Data Protection Act 1998
- Ensure staff are aware of the expectations of privacy when using business communications systems

9 Regulation of Investigatory Powers Act 2000
- RIPA introduced to cope with the change in communications systems since the rapid growth of the Internet.
- Mainly focused on issues of interception and intrusive investigation.
- Includes provision for law enforcement and other public bodies to try to deal with the rapid spread of good quality encryption systems.
- Restrictions on businesses detailed in the Lawful Business Practice Regulations.

10 Lawful Business Practice Regulations
- Under RIPA it is against the law for a business to intercept communications on its systems.
- Exceptions:
  - Under a warrant
  - Consent of sender and receiver
  - Required for the operation of the system

11 Lawful Business Practice Regulations
[Flowchart. Decision boxes:]
- Is there an interception?
- Have senders and receivers both given consent?
- Is the interception connected with the operation of the communications system?
[Outcomes:]
- Interception can take place.
- Continue

12 Lawful Business Practice Regulations
[Flowchart. Decision boxes:]
- Is the interception only for monitoring business related communications?
- Is the interception for an authorised business purpose?
- Is a confidential telephone counselling service involved?
- Is the interception to decide whether a communication is business related?
- Have all reasonable efforts been made to inform users of interception?
[Outcomes:]
- Interception can take place.
- No interception can take place

13 Lawful Business Practice Regulations
- Authorised Business Use
  - “to prevent and detect crime”
  - “to investigate or detect unauthorised use of the telecommunications system”
  - “to ensure the security of the system and its effective operation”
- However, must make all reasonable efforts to inform users of interception!
- Workers, including temporary or contract staff, will be users of the system but outside callers or senders of e-mail will not be.

