So, it seems to be worth a punt. I don't think a website of the simplicity that I'm aiming for should take more than a weekend
Additionally, this might be convoluted - but it seems to me that if GCHQ has a list of the website that Joe Bloggs has visited - they can't reasonably claim that they hold those particular records because of national security concerns. Instead they have them just by chance because of the massive dragnet they've instituted. The can persist neither confirming nor denying that they hold the records though, and I think that this is farcical, and will hopefully not be permissible as the various programmes enter the public domain. So, I can handle any backend-functionality that's needed, but looking for someone to make it nice to use and write the needed markup. *Is anyone interested in spending their bank hol on a such a fun project?* Cheers, Joseph Finlayson +44 796 796 5870 +49 162 395 0220 On 21 August 2013 13:13, Dan O'Huiginn <[email protected]> wrote: > > Julian Assange managed to use the Data Protection Act to get some > records out of GCHQ: > > > http://www.theguardian.com/media/2013/may/20/julian-assange-gchq-messages-extradition > > "he explained that an official request for information gave him access > to instant messages that remained unclassified by GCHQ. > ... > The Cheltenham-based agency said: "We can confirm that GCHQ responded > formally to the subject who made the request. The disclosed material > includes personal comments between some members of staff and do not > reflect GCHQ's policies or views in any way." > > This seems to have been GCHQ employees chatting about Assange outside of > their actual work. Presumably most of us aren't talked about that way. > But you could follow up the same approach by persuading celebrities to > make DPA requests; I'm sure spooks IM about what was on TV last night. > > It's possible that you might also be able to get more out of GCHQ. Thhe > Data Protection Action doesn't *quite* give a blanket exemption for > national security. > > GCHQ need a certificate signed by a minister, stating that exemption "is > required for the purpose of safeguarding national security". Presumably > there is one of these covering most/all of their activity. But as the > Assange case shows, there may be some wiggle-room around the edges. > > In any case there is a right of appeal -- it might be worth following > that process. You might find some more edge-case data which GCHQ can't > claim as needed to safeguard national security. > > Dan > > On 21/08/13 13:18, Francis Davey wrote: > > 2013/8/21 Tim Green <[email protected]>: > >> According to [1], GCHQ isn't subject to FOI, though David Miles has > >> attempted to request [2] information on 'Mastering the Internet' > >> environmental impact etc. via separate environmental information > request. I > >> don't know how successful his modified request for the information > without a > >> breakdown by program will be. > > > > What My NSA Records appears to do is act as a way to find out what > > data the NSA has on the individual asking the question. The equivalent > > for GCHQ would be to ask them what data they have about me. > > > > That data would be exempt from the FOI under section 40(1): > > > > http://www.legislation.gov.uk/ukpga/2000/36/section/40 > > > > In theory you should be able to ask someone else to make an FOI > > request for your information (since then s40(1) won't apply) to which > > they attach a permission form showing that you give consent > > (satisfying s40(3) etc). That way you avoid DPA subject access fees. > > In theory I say. No-one I know has tried it and to make it work might > > require you to be rather determined. > > > > Unfortunately personal data processed for the purposes of national > > security is exempt from subject access provisions under s28 of the > > Data Protection Act 1998: > > > > http://www.legislation.gov.uk/ukpga/1998/29/section/28 > > > > So, I am not sure there's much traction here to get anything going, > > but I am happy to listen to ideas. > > > > > _______________________________________________ > developers-public mailing list > [email protected] > https://secure.mysociety.org/admin/lists/mailman/listinfo/developers-public > > Unsubscribe: > https://secure.mysociety.org/admin/lists/mailman/options/developers-public/joseph.finlayson%40gmail.com >
_______________________________________________ developers-public mailing list [email protected] https://secure.mysociety.org/admin/lists/mailman/listinfo/developers-public Unsubscribe: https://secure.mysociety.org/admin/lists/mailman/options/developers-public/archive%40mail-archive.com
