Thursday, November 22, 2007

How many new teachers' personal data has been sent abroad?

Way back in the mists of time that were September 2006 I wrote about the Government's Teaching and Development Agency For Schools and the fact that if you sign up to become a teacher you agree to the Government's "privacy policy". That "privacy policy" still states,
3.4 - We may also find it necessary to transfer your personal information to third parties located outside the European Economic Area (EEA). This may happen where companies who process data on behalf of TDA are based outside of the EEA. The data protection and other laws of these countries may not be as comprehensive as those in the UK or the EU - in these instances we take rigorous steps to ensure an adequate level of protection is given to your information.
I thought it might be pertinent to mention it again in light of recent news. As I said the first time, they're essentially saying, "we accept no responsibilty for anyone that sells your data after we've given it to them for free and asked them to promise not to tell anyone".

7 comments:

Anonymous said...

God almighty! This is a direct contravention of EU data protection law. How the f**k do they get away with it?

Anonymous said...

I suspect this has more to do with offshoring the in-house IT to Bangalore rather than passing data to a third party.

dizzy said...

off shoring to Bangalore will mean using a third party company in Bangalore.

dizzy said...

Having said this they are very clear "We may also find it necessary to transfer your personal information to third parties" - they even say it is the case.

Anonymous said...

I think in the teacher's case, they were also obliged to provide their mother's maiden name, which is often used as a security check by banks.

Anonymous said...

With respect, the third-parties who process this data in their LCC offices are (in my experience - I work for one of them) completely obsessed with data security and encryption, because unlike HMRC, they will be prosecuted and fined unspeakable amounts of money if there is a leak. This is true of all client data, not just personal information. IP leaks, or unauthorised transmission of commercially-sensitive information is one of the guarenteed ways to get fired without a pay-off.

dizzy said...

To be fair I wasn;t saying they are not. What I mam saying is that the disclaimer implies that the data goes into third party hands and is no longer guaranteed by the Governemnt.