data breach

**LondonManc** · 18 April 2016, 10:59

Originally posted by tim123 View Post

So what you are saying is that someone (working on a specific project) has (may have) taken some project specific documents which just happen to contain the name, address and phone numbers (any other personal details) of other people working on that same project, and that act is a data breach?

I think that's pretty far fetched, because surely the dissemination of those details to other people involved with the project is exactly why you might want these details to be there in the first place.

If anyone is guilty of a data protection "crime" in this scenario, it will be the company for not correctly documenting/protecting the use that they were going to make of the data when they asked their employee for it, not the project numpty who copies it into his personal address book.

tim

No, I didn't say that. I'm saying we don't know what data has been taken; there could be sample data in the document(s) for all we know. We simply don't know what's there so cannot discount data protection issues.

**WTFH** · 18 April 2016, 11:28

Originally posted by tim123 View Post

So what you are saying is that someone (working on a specific project) has (may have) taken some project specific documents which just happen to contain the name, address and phone numbers (any other personal details) of other people working on that same project, and that act is a data breach?

I think that's pretty far fetched, because surely the dissemination of those details to other people involved with the project is exactly why you might want these details to be there in the first place.

If anyone is guilty of a data protection "crime" in this scenario, it will be the company for not correctly documenting/protecting the use that they were going to make of the data when they asked their employee for it, not the project numpty who copies it into his personal address book.

tim

Nope, the protected data may have included information that should protected (we're not talking about the piffly data protection act).

Let's say he was working for Thales and the project was to fix a bug in the guidance laser of the Starstreak which meant while it couldn't be jammed, it could sent off course. And let's say that was detailed in the project document which also discussed the solutions and showed which one was chosen along with any problems that occurred as a result.

That would be valuable data that should be protected.

**tim123** · 19 April 2016, 07:03

Originally posted by WTFH View Post

Nope, the protected data may have included information that should protected (we're not talking about the piffly data protection act).
.

Sorry, but the people to whom I responded were talking about the piffly data protection act

tim

**tim123** · 19 April 2016, 07:11

Originally posted by LondonManc View Post

No, I didn't say that. I'm saying we don't know what data has been taken; there could be sample data in the document(s) for all we know. We simply don't know what's there so cannot discount data protection issues.

Oh come on

live "real person" data as samples in project documentation,

and you think that the use of that data by project personnel could be a breach of "data protection" by that user?

As before, if that data were there, then it would be there intending it to be used by project personnel, then the only person in the targets for prosecution if that use is unlawful, is the person responsible for putting it in the document, not the person using it.

The whole company structure has to take responsibility for DP. As a manager, you can't absolve your own responsibility by getting your underlings to sign some contract saying that it is always their fault.

tim

**WTFH** · 19 April 2016, 14:11

OK, tim if that's your view of the situation, fair enough.

Others of us have a different opinion/experience and have stated it, backing it up with perfectly valid examples.

**fidot** · 5 May 2016, 16:54

So, what was the outcome?

**northernladuk** · 5 May 2016, 17:04

Originally posted by fidot View Post

So, what was the outcome?

He only gets 10 mins internet a day so no time to respond. Give about 6 months and he'll be back with an update.

**DallasDad** · 5 May 2016, 18:57

Then point him to the thread about gaps in CVs

**Andy2** · 9 May 2016, 21:06

Originally posted by fidot View Post

So, what was the outcome?

I apologised and agreed to delete the files. Client decided not to pursue the matter further.

Thanks everyone for some excellent advice.

**Fred Bloggs** · 9 May 2016, 21:25

Originally posted by Andy2 View Post

I apologised and agreed to delete the files. Client decided not to pursue the matter further.

Thanks everyone for some excellent advice.

Lucky outcome, learn from it.

data breach

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Partners

Advertisers

Contractor Services

CUK News

data breach

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Partners

Advertisers

Contractor Services

CUK News

Tag Cloud