I'd like to know whether all avenues of complaint were pursued, or if any action is currently 'live' regarding Rackspace UK voluntarily passing Indymedia's data to a foreign law enforcement agency. I see that the EFF page was last updated in August 2005.
As Indymedia's front page still shows the 'Seize the media, Not the servers' logo/link, indicating that they consider it an important issue that it wants us to keep in mind, it would be nice to know that someone has bothered making an official complaint to any relevant bodies (IE Information Commissioner) after all the effort of getting the court orders unsealed, etc. I would be happy to do so myself, but it would probably be a waste of time as I would not be considered an Interested Party.
Even if a complaint resulted in an official decision that no offence/misconduct had occured, at least then I could be confident in stating that companies in the UK are not legally restrained from voluntarily handing their customer's data to foreign authorities.
Alternatively, it may turn out that Rackspace's contract with Indymedia (which I assume was their standard one as discussed @
http://www.indymedia.org.uk/en/regions/london/2004/12/302431.html?c=on#c106805 ) allowed this to happen, but if this is the case at least we would know that such contracts override any legalislation (if any exists) intended to prevent companies from sharing their customer's data in this manner.
Mike's points re. business entities ( http://www.indymedia.org.uk/en/regions/london/2004/12/302431.html?c=on#c106785 ) also need addressing so that we can make informed choices, and give informed advice, about which companies to give our business to. Even if it makes no difference whether a company is a subsidiary or not, people need to be able to know whether their data has any legal protection and if this can be nullified by a contract, in order for them to know whether they need to seek out companies that specifically promise NOT to share their customers data unless required to do so by a valid UK court order.
Even if a complaint resulted in an official decision that no offence/misconduct had occured, at least then I could be confident in stating that companies in the UK are not legally restrained from voluntarily handing their customer's data to foreign authorities.
Alternatively, it may turn out that Rackspace's contract with Indymedia (which I assume was their standard one as discussed @
http://www.indymedia.org.uk/en/regions/london/2004/12/302431.html?c=on#c106805 ) allowed this to happen, but if this is the case at least we would know that such contracts override any legalislation (if any exists) intended to prevent companies from sharing their customer's data in this manner. Mike's points re. business entities (
http://www.indymedia.org.uk/en/regions/london/2004/12/302431.html?c=on#c106785 ) also need addressing so that we can make informed choices, and give informed advice, about which companies to give our business to. Even if it makes no difference whether a company is a subsidiary or not, people need to be able to know whether their data has any legal protection and if this can be nullified by a contract, in order for them to know whether they need to seek out companies that specifically promise NOT to share their customers data unless required to do so by a valid UK court order.
e-mail:
Homepage:
