Dogs are becoming an increasingly significant part of our lives. Regardless of the owner’s age – we can acknowledge that almost everybody enjoys their time patting a dog. Moreover, many people are addressing their dogs as babies, recognizing them as a part of the family.
Nevertheless – can we go that far and say that our pet’s, i.e., dog’s name can identify us?
This question has been raised in the UK by Avon and Somerset Constabulary regarding a not-so-heartwarming event. Namely, the incident occurred during an operation to shut down an illegal rave on the periphery of Bristol when a woman was attacked by a police dog, leaving her with life-changing injuries. The victim was hospitalized and required skin and muscle grafts and reconstructive surgery. Consequently, the woman took legal action against the Police. Likewise, Avon and Somerset Constabulary have referred the incident to the Independent Office for Police Conduct in the UK.
What calls for special attention is that when the request was made on disclosing the dog’s name, Police argued that doing such would indirectly identify the dog handler, and therefore such information falls within the definition of personal data. Precisely, the woman’s request included at least the following:
1) What is the name of the dog;
2) What is the name and number of the police dog handler;
3) Which officer gave the order to attend with dogs?
Furthermore, the Data Protection Commissioner in the UK also concluded that the dog’s name could identify the handler indirectly, meaning it is personal data. Namely, the Data Protection Commissioner took the stand that the abovementioned parts of the request asked for information on the dog handler and their dog. Their focus is clearly on knowing information about the handler (their identity, training, qualifications, and overall aptitude). Furthermore, the Data Protection Commissioner accepted that the name and badge number of the handler is information that will directly identify them.
In this regard, Avon and Somerset Constabulary refused to disclose the requested information, citing the following non-disclosure exemptions of the Freedom of Information Act:
• section 30(1)(a)(b)(c) – Investigations and proceedings conducted by public authorities;
• section 40(2) – Personal information.
This kind of decision contributed to the significance of defining personal data.
UK Data Protection Act defines personal data as “any information relating to an identified or identifiable living individual.” Let’s take a closer look at that one. Evidently, for any data to be considered personal, two conditions must be fulfilled:
1. data must relate to a living person and
2. the living person must be, at least, indefinable.
It is the second condition that gives us a not-so-clear view of what personal data is. Having said that – how can we identify a person? The first thing that comes to our mind is the person’s name, and after that, probably the phone number or the address of the domicile. But how long would the count take before we call to mind – the dog’s name? So, not only does the second condition make plenty of room for discretion, but the phrase “any information” is not helping the situation. In this respect, we may as well say that one must assume that the term “personal data” should be as broadly interpreted as possible. The case law of the European Court of Justice supports those mentioned above. Namely, they consider even less explicit information than the dog’s name – such as recordings of work times, which include information about when an employee begins and ends his work day, as well as breaks or times that do not fall in work time, as personal data. This means that the only proper way to determine personal data is on a case-by-case basis.
By Katarina Zivkovic, Senior Associate, and Mina Milakovic, Associate, Samardzic, Oreski & Grbovic