Several months ago, while we were brainstorming possible subjects for blog posts and holiday season features, we thought “Santa suffers a catastrophic data loss” would be a pretty funny and relevant item for the Office to cover.
Then the Revenue and Customs agency in the United Kingdom lost all that information, and the idea didn’t seem that funny anymore.
The British-based law form Pinsent Masons came up with their interpretation of the idea, tailored to the data protection regimes in Europe:
“There is a stream of questions Santa has yet to answer,” said William Malcolm, a data protection specialist at Pinsent Masons, the law firm behind OUT-LAW.COM.
“Is this information used for anything other than present giving? Information passes out of the EU, so does Santa check the letters for unambiguous, specific and informed consent to this overseas transfer?”
OUT-LAW’s attempts to put the questions to Claus were hindered by the lack of an office chimney. Eventually the questions were put up a domestic chimney but no response was received by time of publication.
The Data Protection Act says that you must inform someone when you are collecting data about them, and tell them what the purpose of collection is.
“What about the naughty/nice database?” said Malcolm. “Are children given notice that behavioural data is being collected about them throughout the year? And does it qualify as covert monitoring, which would breach Article 8 of the European Convention on Human Rights?”