If I was to be working for a market research company and was liaising with another company and I got a hold of their newsletter (meant for authorized personals only) a I breaching the data protection act 1998 (DPA) ?

Question

anonymous · Answer

I think it would depend on what information was on the newsletter, if any of it was protected by the act.

e.mccormick · Answer

It also depends on how it was obtained.

javk · Answer

What if I were to  ask the external communications department for a
copy of last weeks emailed newsletter and they were to give it to me (The e-mail was sent in bulk to all the company's clients).

javk · Answer

Moreover if I were to point out that the employee that sent the bulk email forgot to include some important information. Can the employee justifiably claim that I breached his rights?

javk · Answer

wait correction I am liaising with the client of company B, where company A would be the market research company.

javk · Answer

So far I read...and I read...and I read but I can't seem to figure out whether or not the data i.e. knowing the identity of the employee that sent the newsletter, would be considered as personal data.

- The data is not 'obviously about' the employee (lets call him Tom for clarity's sake), it was only sent by Tom

- However (and this is where the confusion really arises), the fact that he made a mistake in the newsletter can be incremental to his job status etc. so having this information can directly impact Tom.

- What's more, the data can not be considered as concentrating on Tom as a central theme

and then there's the issue of the exceptional cases, would this or would this not fall under any exceptions, since this data is being used in market research and data obtained for statistical, historical or other research reasons is exempt from the DPA

e.mccormick · Answer

A large part of this comes down to how you got it.  This is due to the nature of intent. If they made a mistake there is basically no way the fault is yours.  On the other hand, if you did anything to ensure you got a confidential communication, that alone poses problems.  When added to any other conduct, like any attempt to damage them based on what is in the email, it shows a very malicious intent.

javk · Answer

But since I am doing market research for company B and liaising with their customers, I am obviously looking out for the best interests of company B, so nothing malicious can be inferred from that. Or can it?
 
And since the company hired me to conduct the market research, any data that I may be looking into whether personal or impersonal is exempt from the Data protection act.

For Tom to say that I am breaching his right's only shows that he is being defensive because he knows he did something wrong, right?

e.mccormick · Answer

Again, as I said, it comes down to how it is obtained and what is done with it.  If it is obtained illegitimately, that counts for a lot.  Even if you were an employee, illegitimate access puts the entire set of events into question.

javk · Answer

True. 
Thank you. 
I get it now.

Btw I totally didn't mean for that to rhyme, it just happened :)