In what had the nation reeling and rolling its collective eyes to heaven as it let out a cry of disbelief last month, an Irish homeowner who set up a website to show his CCTV footage of bad boys caught in the act of burglarising his home was told by the Irish Data Protection Commission that ‘he could be prosecuted under the Data Protection Acts if he continued to post the images and face a jail term or maximum fine of €100,000’ [Alison Bray, Irish Independent.ie 13 February 2014].
IT lecturer Robert Waters set up his website in an effort to warn other homeowners of the trouble that’s out there and to encourage ohers to post images of criminals in the act to help stop them. He went on national radio to advertise his site and within hours had received an e-mail from the Data Protection Commissioner (DPC) advising him that he was, in fact, breaking the law, unless, of course, he had the criminal’s consent to post their pictures.
Okay – when you’ve picked your jaw up off the floor, let’s take a minute to think about this.
Data protection laws are there to protect everyone, criminal and non-criminal alike. That’s a given. But let’s take it a step further. The e-mail from the DPC apparently said: ‘This office views a photograph or image of an individual as personal data’ and goes on to say that the ‘data controller’ – in this case Mr Waters – can only use someone’s personal data with their consent.
I had a fleeting thought about FB users posting photos of me without my permission? Could they be prosecuted? But that’s another question for debate. It’s the inadvertent breaking of the law that is bothering me. And, if hauled into court, can we use ‘But, your Honour, I didn’t know…’ as a defense?
When I checked the Web, I found an article listing 10 ways I might be breaking the law with my computer. And yes, I’m guilty of a few. I didn’t know that it was breaking the law to use someone else’s open wifi to surf the Net… Is that like not being allowed to read a newspaper left on a seat at the train station – isn’t it an open invitation? Were I living in Arkansas, I might also have a problem. Its law deals with ‘Unlawful computerized communications’ that makes it a crime to send a message via email or other computerized communication system (Instant Messenger, Web chat, IRC, etc.) that uses obscene, lewd, or profane language, with the intent to frighten, intimidate, threaten, abuse, or harass another person. Am thinking venting e-mails, here, sent to complain about bad customer service [blush]. And while I like the odd bet, gambling online in Washington State could see me in court. Who’d have known?
A few years ago there was a brouhaha in the UK about parents taking photos at a nativity play and then posting to social media sites. The Information Commissioner at the time said that this did not breach Data Protection Laws as the photos were for personal use. But as jouranlist Ian Shoesmith pointed out – personal use back in the day amount to developing prints and sticking them in photo albums. Nowadays, personal use equates to posting on Facebook for the whole world to see. Is this a breach?
I’ve searched, and searched, and searched, and can’t find the answer… any thoughts?