Breach of confidence - The Data Manager PF forum

[ProfJohnL]

Sir

I am appalled to read that at some point during the operation of this forum, information that was given to you in confidence and on the very clear understanding that it would be treated as confidential was made public expressly against my wishes, and without my consent.

This is a very serious breach of confidence and I believe could be contrary to the regulations you have to follow in the Data protection act.

The release of my data was not in the public interest for reasons that I have explained previously which have not been challenged.

Under the terms of the DPA please inform me of exactly what information you hold about me, and to whom, when and why this information has be passed or processed.

In the spirit of the DPA please detail what steps you are taking to recover the breach of confidentiality and how you will prevent the release of confidential data in the future.

 

[sparkes]

John, you need to do this via post

 

[ProfJohnL]

John, you need to do this via post

Steve,

What is your position in the Haymarket Empire? Are you expert in the operation of the DPA?

As I understand the all that is required is a written request to the Data Manager. That I have done.

 

[sparkes]

Steve,

What is your position in the Haymarket Empire? Are you expert in the operation of the DPA?

As I understand the all that is required is a written request to the Data Manager. That I have done.

John, I am not connected with the mag at all.

However, If you post a request here you are in no way confirming receipt and as such they are not subject to the timelimit set out by the ICO. (as in they may not read it for a month). So, if you never get a reply, they have not broken any rules.

Send the request via recorded delivery post and then under the rules they have to reply within a set period. They may request a fee for this but it cannot be more than

 

[DEANO3528]

The biggest problem here is the forum software and the Mod has mentioned an upgrade at sometime in the future.

However, no matter whether you like a Moderator or not, he/she is party to basic details like email address and IP address.

That's usually about it. Admin have more access usually down to most login details except password.

I have to agree that this forum seems to be struggling just now, but hey let's not preach all doom and gloom.

 

[ProfJohnL]

The biggest problem here is the forum software and the Mod has mentioned an upgrade at sometime in the future.

However, no matter whether you like a Moderator or not, he/she is party to basic details like email address and IP address.

That's usually about it. Admin have more access usually down to most login details except password.

I have to agree that this forum seems to be struggling just now, but hey let's not preach all doom and gloom.

Hi Deano,

I am not sure why you have added your comments here. I am concerned that an understanding ( cold even be deemed a contract!)that clearly exsisted between the PC form and myself regards the security and confidntiality of data has been broken.

That is not a complaint aganist a moderator, unless they are responsible for the breach. It is irelevant to say that the moderator only has access to basic details, again if that information was supplied under an agreed and accepted level of confidentiality, then it must be afforded the same level of protection from exposure.

Exatly the same comments apply to Admin - whoever they are.

Clearly the forum controllers do seem to be struggling but that does not absolve them from complying with The Data Protection Act.

I am exersicing my rights to acertain what data PC hold on me, and to whom they have decided to expose my data to.

I am unclear why you should think I am preaching Doom and Gloom, perhaps you could explain your thinking?

 

[ProfJohnL]

John, I am not connected with the mag at all.

However, If you post a request here you are in no way confirming receipt and as such they are not subject to the timelimit set out by the ICO. (as in they may not read it for a month). So, if you never get a reply, they have not broken any rules.

Send the request via recorded delivery post and then under the rules they have to reply within a set period. They may request a fee for this but it cannot be more than

 

[ProfJohnL]

Thank you Steve for your response of 23 Oct 2005 00:05 AM ,

I understand the bulk of your comments, but one or two points are not quite clear.

Firstly your first paragraph infers that I cannot confirm receipt. The fact that it is posted and appears on the forum confirm that their system has received the posting It is also dated and timed. Haymarket cannot deny its existence and your responses also prove it was posted. Legally they would be on very sticky wicket if they tried to deny its existence

As Haymarket are the site operators and through their negligence or failure to maintain the site correctly, a well reported and recorded breach of confidentiality has occurred. whilst under the regulations they can request a search fee, I have seen no request for such fee from them as yet.

I am not surprised that others may have complained about the same incident, that is their prerogative, and in no way should affect my individual right to complain and seek the information I have requested, equally my request does not restrict any other individual from making similar requests such as yourself.

I appreciate that you may have offered some advice, and I apologise if my reply was a bit short, but I am upset at the lack of control that this forum has exercised. In my case the release of the information may actually compromise my ability to attract or retain certain clients to my business.

In your last paragraph you claim I have "Jumped the Gun" Please explain, have I acted too quickly? that seem strange as as you say you responded as soon as it happened!

Yes I believe it still worth keeping the forum going, it has helped many caravanners, and that makes it worth while, however its current format does raise concerns and I am convinced that a forum where abusers can be correctly identified by the owners and if necessary barred then it will be a better place. To do this will require the owners to have a bomb proof data management system, which the most recent incident shows they do not currently have. I look forward to improvements, which is a positive attitude, not doom and gloom.

 

[DEANO3528]

Sorry John, not saying you were preaching doom and gloom, but me!

I have slated this forum software on several occasions and added that to placate the moderator.

I have to say that your thread starter is on a public forum and is thus open to debate by all and sundry. Perhaps it should have been emailed or letter posted if we were not supposed to see or comment.

I admit mine was a tangential post I guess, as there has been talk of a second Moderator that users didn't agree to having access to their details. This was what I, obviously wrongly, thought you were on about.

 

[sparkes]

Thank you Steve for your response of 23 Oct 2005 00:05 AM ,

I understand the bulk of your comments, but one or two points are not quite clear.

Firstly your first paragraph infers that I cannot confirm receipt. The fact that it is posted and appears on the forum confirm that their system has received the posting It is also dated and timed. Haymarket cannot deny its existence and your responses also prove it was posted. Legally they would be on very sticky wicket if they tried to deny its existence

As Haymarket are the site operators and through their negligence or failure to maintain the site correctly, a well reported and recorded breach of confidentiality has occurred. whilst under the regulations they can request a search fee, I have seen no request for such fee from them as yet.

I am not surprised that others may have complained about the same incident, that is their prerogative, and in no way should affect my individual right to complain and seek the information I have requested, equally my request does not restrict any other individual from making similar requests such as yourself.

I appreciate that you may have offered some advice, and I apologise if my reply was a bit short, but I am upset at the lack of control that this forum has exercised. In my case the release of the information may actually compromise my ability to attract or retain certain clients to my business.

In your last paragraph you claim I have "Jumped the Gun" Please explain, have I acted too quickly? that seem strange as as you say you responded as soon as it happened!

Yes I believe it still worth keeping the forum going, it has helped many caravanners, and that makes it worth while, however its current format does raise concerns and I am convinced that a forum where abusers can be correctly identified by the owners and if necessary barred then it will be a better place. To do this will require the owners to have a bomb proof data management system, which the most recent incident shows they do not currently have. I look forward to improvements, which is a positive attitude, not doom and gloom.

John

In order for the forum to be a place that you could place the request it would need to do 2 important things.

1, Identify you without question as the originator

2, Be accepted as a Guarenteed medium of delivery to the person responsable for the DPA within the organisation.

Unfortunatly it does neither.

As for jumping the gun, I ment, you replied as if I was jsut posting a snide remark. I was not. The info was intended to help you get what you are seeking.

As for the Forum, I have considered this, and the result for me is that this will be my last post. I will read them, but at this time have no intention of replying or getting involved in discussions on here.

As I said, good luck with getting the info.

Steve

 

[RichardH]

I know I am new here but what the hell is all the fuss about.? The two Issues that I have seen are

1) A new moderator now has access to my email address. I expect any moderator on a forum to have that access and I know a forum owner can appoint who ever they want as a moderator, so I have no possible reason for complaint.

2) Apparently for an hour or two my real name was visable, Whats the issue with that? Its not like your real name is a secret, unless of course you are claimimng to be someone your not.

lets put this into prospective, item one is in the terms and conditions so no issue. Item two some poor s*d made a mistake which revealed no more information that you give to anyone you introduce yourself to. Most of the people on this forum will happily walk into a store and use a credit, debit or payment card to pay for some thing. In doing that in a place withno chip and pin facilities you are giving some one your card number , a copy of your signiture and an indicaion that funds are available on that card. You pass all of this to a total stranger employed by someone else.

I have only been here a while but I am considering not using the forum as it seems to be more about people finding something to itch about than about sharing knowledge and experiences of what is a great hobby shared by us all.

sorry to rant

/me steps of soap box and awaits the tirade

 

[DEANO3528]

My original post was made in ignorance of the problem yesterday, but I have to say that unless the passwords were on display, I don't feel at all threatened by this glitch.

However as John does feel aggreived I can respect that fact whether I think it right or not.

 

[DEANO3528]

My original post was made in ignorance of the problem yesterday, but I have to say that unless the passwords were on display, I don't feel at all threatened by this glitch.

However as John does feel aggreived I can respect that fact whether I think it right or not.

Oops, that should be 'aggrieved'

 

[Damian]

Having seen the "glitch" that happened the other day, namely the showing of full names onthe forum for approx one hour, which was no more than a previous time when full names were shown for a couple of days on forums, I fail to see what major problem john has with what happened, and why the explanation and apology made in the other thread relating to this incident is not acceptable.

Part of john's later post refers to , and I quote " In my case the release of the information may actually compromise my ability to attract or retain certain clients to my business."

How can this possibly be true, this is not a selling medium, nor is it a trading place, nor is it anything but a Public Forum, for the discussion of various topics, mainly relating to caravanning

Lately the forum has had its share of problems, with spoof posters, comments which had no place in a public forum, and computer problems, which I understand are being worked on, and in trying to rectify the comp problems led to the inadvertant publishing of full names.

The forum, generally is a good forum, despite what has been going on, and will, in time improve, hopefully when haymarket can change to a better system, but that takes time,and of course money, which , as this is a free forum, is costing them for server space and upkeep, with no cost to us, the users, apart from the occasional glitch.

I think that unless very personal details are released, of which full name does not fall into this category, then all is ok, and John has , in my opinion, over reacted to what amounts to a trivial problem.

As has been said in an earlier postin, you are quite happy to pass your bank details to anyone in a shop, or over the net if purchasing on line, and your full name is readily available on the Electors Register, the DVLA , which in turn is linked to the Police National database, plus I can almost guarantee that you receive loads of junk mail from companies yuo personally have never been in contact with, as your "personal details" are sold on to companies, increasingly more now, by outsourced call centres.

Anyone who uses credit cards , debit cards, loyalty cards etc, can have their daily movements tracked so very easily, as is true of people using mobile phones, who , if needed, can be tracked to within 1 metre, so come on, get real, yuo may think your details are personal, but the wider world knows different.

Having just had

 

[ProfJohnL]

For Deano, Richard H, and Damian,

Deano,(23 Oct 2005 11:54 AM) I am quite aware, and it was a deliberate act to post my thread starter. I wanted to publicly show that I am upset with the failure of the forum operator to contain data that was supplied under a confidentiality agreement. I also hoped it would encourage other contributors to add their voices to show Haymarket that they must treat such information like gold dust.

I have no beef with properly authorised persons having justified access to the data.

Richard (23 Oct 2005 02:47 PM) first of all welcome to the forum and please continue to add comments. See above with reference to your first paragraph, but there is an issue with the forum displaying full names, where it was implicit in the signing up process that your details would be kept confidential. I do not extol the use of anonymity for the purpose fraud or belligerency, but it is a well accepted tradition in the journalistic and theatrical environments to use a pseudonym, to protect commercial interests and intellectual copyright, and to protect ones private life.

Because my real name is coincident with a major manufacture in the industry, and for a time I worked for the company, a member of the public who had a gripe with the company incorrectly assumed that I was responsible and could effect changes within the company. As a result I was physically attacked by the person. It was later proven that the persons gripe was unfounded and the company was exonerated in the matter, but I am still haunted by the incident.

I can appreciate that for some people the breach of confidence that occurred will make little or no difference to their lives. But I view such a breach with anger especially as the information was supplied under an agreement to maintain confidentiality.

Damian (23 Oct 2005 09:07 PM ) I am sorry to read of your loss, I too have had my credit card details stolen and money withdrawn, fortunately not as much, and my card operator spotted the unusual pattern and stopped it.

In your second Paragraph you correctly point out that this forum is not for selling, I do not use it to sell or to invite business, but the fact that I do answer many postings, using what professional skills and experience I have, and through those answers I expose my personal views on some subjects. These could, if viewed and linked to my real name by a potential client, be instrumental in causing the client to shy away from my services. That is why I choose to use a pseudonym, to break the link with my clients. Perhaps you can see that from my perspective the breakdown of the system is a major concern to me and has commercial impact.

As for the passage of data to banks etc, yes, and yes they are also bound by confidentiality agreements enforced by commercial pressures and the DPA. The main difference here is that the forum is focused on caravanning issues, that means it is most likely to attract caravanners or people who have a commercial interest in caravanning. This common interest binds the readers and contributors and it would make it easier for anyone to link a real name with activity within the industry.

Anyone who is determined to find out personal details will probably succeed, using fair means or foul. But this issue is not about those types because their interest is unlikely to be about what I am seeking to protect here.

Now here is the confession - I did not see the actual breakdown, so I do not know what personal information was actually displayed. But I am led to believe that real names were shown. If I am wrong in this belief, then, I apologies for jumping to an incorrect conclusion. If I am right in my belief then all the above is justified.

 

[Lol1]

You don't work for Louis Walsh of "X Factor" fame do you John?

That's one guy who shouldn't be sleeping soundly this week....

 

[CliveV]

Morning All

As has been said - this has happened before. I do believe there to be a security issue but not quite the one mentioned above (of which I confess not to understand because I cannot see how in that case a problem exists) - However, I for one in the past assumed that my last name would NEVER be shown on this Forum.

I therefore was quite happy to mention where I lived. There is even a thread now that asks for this info.

If I had said I have a brand new XXXX make 'van, and I live in Plymouth - it is quite easy for a tow-rag to look in the phone book under my name and get a list of all the "Fred Bloggs" in the area.

Nice if you steal caravans to order!

 

[ProfJohnL]

You don't work for Louis Walsh of "X Factor" fame do you John?

That's one guy who shouldn't be sleeping soundly this week....

Sorry Lol I cant swing the voting in your karioki party.

 

[ProfJohnL]

Morning All

As has been said - this has happened before. I do believe there to be a security issue but not quite the one mentioned above (of which I confess not to understand because I cannot see how in that case a problem exists) - However, I for one in the past assumed that my last name would NEVER be shown on this Forum.

I therefore was quite happy to mention where I lived. There is even a thread now that asks for this info.

If I had said I have a brand new XXXX make 'van, and I live in Plymouth - it is quite easy for a tow-rag to look in the phone book under my name and get a list of all the "Fred Bloggs" in the area.

Nice if you steal caravans to order!

Thanks for your comments Clive,

Please consider, It is known that you are involved in the insurance business - you have been kind enough to tell us, Now you have expressed your support for the use of 4x4s. So immediately any potential client who was anti 4x4 could be predisposed to steer clear of your brokerage or agency. You have therefore affected your commercial business.

 

[Lol1]

You don't work for Louis Walsh of "X Factor" fame do you John?

That's one guy who shouldn't be sleeping soundly this week....

No need John, i have a voice that can charm the birds from the trees (sounds like a 12 bore shotgun)and the fish from the sea (dynamite).

 

[KenWashington]

I can only apologise again on behalf of PCV that due to glitch full names, but no other personal info, showed against posts for a period of about one hour.

This was an unexpected side-effect of efforts the tech team were making to identify and block multiple registrations and logins.

 

[CliveV]

Morning All

As has been said - this has happened before. I do believe there to be a security issue but not quite the one mentioned above (of which I confess not to understand because I cannot see how in that case a problem exists) - However, I for one in the past assumed that my last name would NEVER be shown on this Forum.

I therefore was quite happy to mention where I lived. There is even a thread now that asks for this info.

If I had said I have a brand new XXXX make 'van, and I live in Plymouth - it is quite easy for a tow-rag to look in the phone book under my name and get a list of all the "Fred Bloggs" in the area.

Nice if you steal caravans to order!

Hi John

I appreciate the comment and it is of course potentially true. However most of my clients use us for our expertise - not because of the cars we use.

I have to say - I get more "stick" (friendly!) from colleagues and clients that know me because I have a caravan than ever I do for driving a 4x4!!!

 

[CliveV]

In my view - if they succeed - it will have been WELL worth it!

 

[Lord Braykewynde]

No problems Your Moddyship, I dont care if my name was up in lights for a hour, in my position Im used to being in the public eye. For those who missed it it is..........

The Right Honourable, Lord Arbuthnot Marmaduke Polly Erasmus Braykewynde, 49th Earl of Screwemm Hall.

If there are any female servants, former or still serving, who have ideas about now sending me a virus for being the father of their sprogs forget it. The virus I caught at the time was bad enough.

 

[ProfJohnL]

No problems Your Moddyship, I dont care if my name was up in lights for a hour, in my position Im used to being in the public eye. For those who missed it it is..........

The Right Honourable, Lord Arbuthnot Marmaduke Polly Erasmus Braykewynde, 49th Earl of Screwemm Hall.

If there are any female servants, former or still serving, who have ideas about now sending me a virus for being the father of their sprogs forget it. The virus I caught at the time was bad enough.

The emminent old firm of soliciters Roll & Butter, of speradseasy Street. are cliaming that they have received instructions from a flock of sheep and a butler. How say you sir?