Data Protection And Prank Calls
A phrase that jumped out at me in the course of the whole phone prank episode surrounding the Duchess of Cambridge’s recent stay in hospital, and the tragic death of one of the nurses involved was, “reasonably foreseeable.” I think it was a representative of the Australian radio station involved who said that it was not “reasonably foreseeable” that the prank might end up in causing someone to commit suicide.
Reasonable foreseeability is a legal term used in the context of negligence. A person will only be found liable in certain cases if there is a reasonable foreseeability between their negligent act and the thing that it caused. However, in the context of this tragic event it’s a bit of a red herring.
Of course it was completely unforeseeable that this stupid prank might cause someone to react in this way. And it would be foolish to condemn someone for engaging in a bit of fun, no matter how tasteless, because of an extraordinary outcome.
Broadcast without consent
But the problem with this whole matter was not necessarily the prank phone call. If it had ended with that, in all likelihood it would have had no more serious consequences than some red faces and a bit of awkwardness. The problem arose when the prank call, which was recorded without the knowledge of one of the participants, was broadcast on the airwaves without that person’s consent. Now the question of legal liability becomes a lot clearer. It shouldn’t have been done and to do so was wrong. This should have been obvious to anyone making a decision on airing the piece. It wasn’t a live broadcast; it had been recorded beforehand and replayed, over and over again as it turned out.
The situation here might be complicated a little by the fact that the broadcast was in Australia and the recording was made in England. But the international dimension does not really do anything to take away the fact that the lady did not know she was being recorded and she did not give her consent to the use of the recording in the broadcast.
Recording telephone conversations
And it begs a very important question. Where do you stand in relation to the recording of your telephone conversations? More and more in every aspect of what we do, the calls in which we are dealing with organisations and perhaps in which our customers deal with us are being recorded. Where does that leave us?
Data Protection Act
In Ireland the Data Protection Act is the most obvious starting point. Personal data is defined by that Act as data relating to a living individual who is or can be identified either from the data or from it in conjunction with other information. The Irish Data Protection Commissioner has taken the view that recordings of telephone calls are personal data for the purposes of the Act.
Personal data must be obtained fairly for a legitimate purpose and it can only be used for the purpose for which it was obtained. So straight away we can see that prank calls are going to run into difficulties here. But what about in legitimate business, can you record calls and how can you use the recordings?
Well, first off as far as data protection goes you’ve got to act fairly and for a specified legitimate purpose. And while a legitimate business purpose may exist for recording calls in certain business critical areas, this does not mean you will be justified in recording all calls. The ubiquitous “calls may be recorded for quality and training purposes” is by no means a magic phrase that enables the indiscriminate recording of every call.
If you are making agreements with your customers over the phone, you may need to record the call to have a record of the agreement, this is perfectly legitimate. But if you do, you should say so. Callers should be clearly informed that recording is taking place and that they can choose whether or not to continue with the call if they are not happy to do so.
There is at least one case where a call recorded without the consent of the other party has been admitted in proceedings to prove what was said. However, Data Protection issues were not raised and it was a case of involving an individual rather than an organisation who was seeking to rely on the call.
If your business depended on it, you’d want a little more certainty. Better to make sure that if you do need to record calls you’ve made it clear exactly when you’re doing so and why. Then if you ever do need to use them for the purpose that was intended, you’ll be an awful lot more confident in doing so.
On the other hand if you are an individual on the other end of the line dealing with a business recording your call, remember that what you’ve said is your personal data, and that means you have rights about it.
Have you any concerns over the Data Protection Act or reasonable foreseeability?