NEWS

Unwary Franchisees Risk ProsecutionAccording to the Data ProtectionRegistrar (DPR) thousands of businessfranchisees in the UK could be unwit­tingly breaking the law and be liable toprosecution under the Data ProtectionAct 1984. Any organisation whichprocesses personal information, even aslittle as names and addresses, on com­puters could find themselves facing anunlimited fine in the higher courts ifthey do not register with the DPR.

DPR spokesperson Elizabeth Francewarned that some smaller companiesshould not consider that they areexempt from the requirements of theDPA believing that they are covered bythe DP registration of the franchiser.Ignorance of the DPA is not defenceand franchisees holding as little as amailing list or delivery details for cus­tomers could face prosecution if theyare not registered.

Meanwhile, the just-publishedRegistrar's Thirteenth Annual Reportidentifies three key data protectionproblem areas. These are:

1. Marketing - according to theRegistrar, nearly one quarter ofcomplaints over the last year relate tothis purpose (after a three years ofrelative quiescence). The implicationis that marketing departments arenot as obeying the well-established

data protection rules, or that DataSubjects are becoming more adept atcomplaining.

11. credit referencing - the Registrarindicates that one third of thecomplaints are on this subject, andthat she has interviewed CreditReference Agency staff undercaution. The result could be aprosecution on the grounds that anAgency was in breach of anEnforcement Notice.

iii. data matching by public bodiesshould be subject to a Code ofPractice. The Registrar is discussingthis with the Audit Commission andthe Department of Social Securityhow best to "provide safeguards forlaw-abiding citizens caught up indata matching activities aimed atdetecting fraud". The Registrarnotes that she has received over 400complaints about one data matchingexercise by one Local Authority.

In addition, the Registrar recordedthat public awareness of rights is increas­ing. This has resulted in an significant25% increase in the number of com­plaints to the Registrar's office; a TVadvertising campaign has begun whichwill add to this. The main point is thatthe era of the acquiescent Data Subjectis passing rapidly, and data protectioncompliance is becoming more important.

Finally, the Registrar has announcedseveral publications over the last year.The key ones are: "Advice note forHorneworkers"; "Debt Tracing &Collection Agents Guidance"; "EUData Protection Directive (95/46/EC)preparing for Implementation";"Handling Subject Access Requests","Keeping customer information safe";"Privacy Enhancing Technologies ­ODPR Position"; "Response of theData Protection Registrar Licensing ofTrusted Third Parties for the Provisionof Encryption Service"; "Section34(5)(a) Disclosures"; "The MillenniumBomb"; "The requirements of Fairnessand the use and disclosure of customerinformation by Utility Companies" anda "Video-based training pack".Reference: The Registrar's ThirteenthAnnual Report (ISBN 0-10-265998-2,£19.50,133 pages, from HMSO).You can seek advice on the DPAthrough the DPR's home page:http://www.open.gov.uk/dpr/dprhome.htmor by wntmg to: Publications,Marketing and Communications Dept.,Office of the Data Protection Registrar,Wycliffe House, Water Lane, Wilmslow,Cheshire SK9 5AF UK. Tel: 01625545740.

BSA Invites You to Get Legal via LegalWareThe Business Software Alliance (BSA)says that "It pays to use original soft­ware" and to this effect has launchedLegalWare. This, BSA describes as aninnovative, knowledge-based CDROMdesigned for organisations wanting toensure that their software is legal, as wellas acting as a warning to companieswho have resisted the pressure to getlegal to date.

BSA LegalWare is a further effort inthe alliance's efforts to assist companies

in implementing good business practicesthrough effective software managementas well as understanding why software isbeing illegally used and what the penal­ties and effects can be.

The CDROM shows step-wise howthe auditing process goes, from planningto analysis as well as providing a widedirectory of auditing tools. BSA mem­bers have supplied details of their soft­ware packages, purchasing conditionsand software licensing regulations.

Viewers of the CDROM can see whatforms theft, copying, counterfeiting andpiracy can take. Included is a marketreport from Spikes Cavell which assessattitudes towards theft of softwareamongst the Top 1000 companies inthe UK. It reveals that manycompanies simply do not know whereto start when it comes to softwaremanagement.Copies of LegalWare are availablefront the BSA on 0800 510 510 .

•

Computer Audit Update' October 1997© 1997, $17.00 Elsevier Science Ltd.