[OSM-talk] [Osmf-talk] Membership applications from Skobbler employees

Barnett, Phillip PHILLIP.BARNETT at ITN.CO.UK
Fri Aug 26 11:33:38 BST 2011 



[http://images.itn.co.uk/images/ITN_Master_blue.gif]

PHILLIP BARNETT
SERVER MANAGER

200 GRAY'S INN ROAD
LONDON
WC1X 8XZ
UNITED KINGDOM
T +44 (0)20 7430 4474
F
E PHILLIP.BARNETT at ITN.CO.UK
WWW.ITN.CO.UK
P  Please consider the environment. Do you really need to print this email?



________________________________
From: 80n [80n80n at gmail.com]
Sent: 26 August 2011 10:47
To: Barnett, Phillip
Cc: Jim Brown; talk at openstreetmap.org; Ed Avis
Subject: Re: [OSM-talk] [Osmf-talk] Membership applications from Skobbler employees


On Fri, Aug 26, 2011 at 10:22 AM, Barnett, Phillip <PHILLIP.BARNETT at itn.co.uk<mailto:PHILLIP.BARNETT at itn.co.uk>> wrote:

On Fri, Aug 26, 2011 at 1:13 AM, Barnett, Phillip <PHILLIP.BARNETT at itn.co.uk<mailto:PHILLIP.BARNETT at itn.co.uk>> wrote:

Well, this is a sideshow to the main debate, but you are still not revealing personal data, merely a fact about some or all members of a group. You are clear to do this under the UK Data Protection Act. I can say '"Most of the voting population of the UK live in this country" and you can cross-refer to the UK electoral register, for names and addresses, but that doesn't mean I've released the personal details of 40 million people!

In this instance, Cloudmade were releasing personal data. But since they're not under UK law,  the fact that they released their own employees names and faces and email addresses is presumably between them, their employees, and the US government.

>The data point that we would have been revealing is that these people were members of OSMF.  >Membership of an organisation is personal information and we did not want to leak that information in >any form whatsoever.

From the legislation guidance notes
"An individual is 'identified' if you have distinguished that individual from other members of a group. In most cases an individual's name together with some other information will be sufficient to identify them."
http://www.ico.gov.uk/upload/documents/determining_what_is_personal_data/whatispersonaldata2.htm


So if you had said that a large number of applications had been made from Apple employees, then since we have no way of knowing whether every single Apple employee, up to and including the janitor, had made an application to join, we are not be able to reverse-engineer the membership status of any individual employee, and so this is not 'personal' information but aggregate group information.

And therefore the Data Protection Act doesn't come into it.
Phillip






Please Note:

Any views or opinions are solely those of the author and do not necessarily represent those of Independent Television News Limited unless specifically stated. This email and any files attached are confidential and intended solely for the use of the individual or entity to which they are addressed. If you have received this email in error, please notify postmaster at itn.co.uk 

Please note that to ensure regulatory compliance and for the protection of our clients and business, we may monitor and read messages sent to and from our systems.

Thank You.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/talk/attachments/20110826/ed4a8956/attachment.html>

More information about the talk mailing list