ejstubbs

Such things are by no means restricted to the public sector. So long as by "politics" you include internal company and even inter-company politics as well as part politics, there are examples of what you cite everywhere in the private sector. Can you say "Carillon" or "G4S"? And it is by no means always the case that such failures don't bear on the public purse. The two just named will have cost the government done money in patching the holes left by their failures. Another example: RBS was a listed company when it did most of the damn stupid things that led to it being bailed out. Having worked largely in the private sector throughout my career, it alternately amuses and annoys me when I see it suggested that broken decision-making and the influence of 'politics' are exclusively to be found in the public sector.

I think the answer is, in the immortal words of Sir Patrick Moore: "No-one really knows." It is a new law and certain aspects of it (in particular the bits that are new cf the old directive) have yet to be tested in/through the courts.

Point of information for the barrack-room lawyers: GDPR applies to the personal data of all EU residents, regardless of where the actual data controller (the "spam merchant" in this case) is located (reference: GDPR Article 3 Territorial Scope). So the ICO are legally obliged by the regulation to give at least a few monkeys (GDPR Article 51 Supervisory Authority). Hence actions such as reported here on 24th May being taken by some companies: ...a growing number of companies are taking the nuclear option to ensure compliance: blocking all European users from their servers. Instapaper, a service owned by the US firm Pinterest which enables users to save articles to read at a later date, became the latest to disconnect European customers on Thursday. It said the cutoff was temporary while it made the required changes, and told users: “We apologise for any inconvenience, and we intend to restore access as soon as possible.” Pinterest did not respond to a request for comment. Other companies have taken a more permanent approach. Unroll.me, an inbox management firm, announced it was completely withdrawing services for EU companies due to an inability to offer its product – which is monetised by selling insights gleaned from reading users’ emails – in a way that was compatible with EU law. “We are truly sorry that we are unable to offer our service to you,” the company told EU users. American media network A+E has blocked EU visitors from all its websites, including History.com, and some multiplayer online games, including Ragnarok Online, have switched off their EU servers.

Other news reports have emerged suggesting that the detectors were isolated when the railtour train was in the station, but the fumes turned out to have hung around longer than anticipated after it departed*, so the alarm went off when the detectors were re-activated. * I wonder if that could have been related to the very still, humid weather that we've had recently. The other day when I went to look at the surface pressure map in the Met Office web site, I thought it was broken - I had to zoom right out to see any isobars!

If you and your wife use separate eBay accounts, that's a personal data breach.

You'd think so, wouldn't you? Certainly the eBay support agent thought so. All that the unsubscribe link on the e-mail did was to set the "Watch alerts" option to "none". As I pointed out to the agent - again - I was not watching the item. And I do want to get alerts about items that I am watching. So the unsubscribe link is not a blind bit of use, and in fact actually does something that I actively don't want to happen. After a long career in IT I actually find it quite annoying that people still seem to have few qualms about foisting rubbish, broken functionality like this on their customers. I still suspect that their system is somehow convincing itself that I do want to watch certain random items that I peruse. I have noticed that the function for toggling watching off and on can be extremely flaky at times - sometimes appearing not to register when I click the "Add to watch list" link on the item listing page (because it doesn't change to "Watching"), but when I look at my actual my watch list the item is there. Or vice versa. At least I'm not getting any e-mails about saved searches unless I've subscribed to get e-mails for a particular one. So at least that seems to be working for me. (I have noted that, every time you save a search, you do get subscribed by default - but it is very easy to opt out using a checkbox on the pop-up dialogue box that confirms the saved search.)

A couple of times recently I have received e-mails from eBay encouraging me to bid on items that I have briefly looked at, but not bid on or added to my watch list. I've checked the communications settings on my eBay account and there doesn't seem to be any way to stop these. I can ask eBay not to tell me if the auction for a watched item is coming to an end, or if I've been outbid, but for something I've neither watched nor bid on, nothing! Anyone else experienced this? I'm currently embroiled in a chat session with eBay customer support trying to get them to understand that I am getting watch alerts for items I haven't watchlisted. It is hard work... ...and I've given up. The support agent kept going on about my watch alerts, seemingly unable to grasp that I was not watching the item! eBay are basically breaking the law by sending me e-mails I don't want, and with no way to stop them. Even if it's a system glitch (which I actually believe it is) they are obliged to stop it happening ie fix it!

I realise that this isn't much use to you now, but for future reference it may be useful to know that you can tell eBay not to accept bids in certain circumstance, including: blocking specific buyers (admittedly not much use if the culprit keeps changing their user ID); blocking buyers with a negative feedback score; blocking buyers with non-payment strikes on their record. They also have a category for "Buyers who may bid on several of my items and not pay for them". I'm not sure how that works, but it looks like it might be useful to control the misbehaviour you have been experiencing. You can also tell eBay not to allow blocked buyers to contact you. More info here: https://www.ebay.co.uk/help/selling/resolving-buyer-issues/blocking-bidders-buyers?id=4082 Note that eBay does say: "Select buyer requirements carefully as it may reduce your selling success." I'm not sure how 'successful' your selling is supposed to be if time-wasters keep winning your auctions... I currently have three blocked bidders. One was added to the list after e-mailing offensive nonsense when I declined to allow him to BiN on an active auction; lot of good that did him. I also block bids from anyone with negative feedback, two non-payments within the last month, or located outside the UK (sorry, it's not worth the hassle for me as a private seller).

Similar thing happened when Tornado was doing the SRPS Fife Circle railtour back in 2015: https://www.edinburghnews.scotsman.com/news/transport/fire-at-waverley-turns-out-to-be-steam-train-1-3822129. I had just come off the morning run and was waiting on Waverley Bridge to get some shots of the afternoon run departing when the fire appliances turned up. At the time I couldn't believe that it was because of Tornado, but it was confirmed to have been that in the later media reports. That was members of the public calling the fire service, though, not an automatic smoke detector. So even turning off the detectors (which I imagine would need to be covered by a fairly comprehensive risk assessment) won't be a guarantee of no false alarms on the day! (There have been steam railtours through Waverley before and since without incident, so it looks like that incident can be chalked up as a one-off.)

If this upsets you, lodge a complaint with the ICO: https://ico.org.uk/make-a-complaint/. I would first check whether the unwanted e-mails have an unsubscribe link: if not then that's pretty much illegal in itself (GDPR Article 7 section 3, amongst other things). The ICO won't take action unless someone points out a suspected breach of the law. (Would you expect the police to know that your house has been broken in to without you telling them?) The potential financial penalties available to the ICO under GDPR are quite sufficient to put the Del Boy chancers out of business. Or we could just not bother making any laws at all, because they clearly never stop anyone from doing anything wrong...

Indeed. Browsing eBay can sometimes lead to the discovery of stuff you never knew existed - or you never imagined people might try to sell, like this. (As suggested by moneysavingexpert.com, no less. Sometimes I do wonder exactly how grippy Martin Lewis thinks his subscribers are...)

The catch with this approach - and I'm partial to it as well - is that you need to know roughly what the thing you are wanting to buy is called. In the past I have occasionally resorted to photographing the thing and putting it in to Google image search to see if any reasonably close matches show up, and then looking to see if one of the web pages with a matching photo divulges the name of the thing. I've also posted the photo to online forums like this one, where the clientele, taken as a whole, generally has a fairly wide knowledge of the world, and asking "what's this thing called so that I can search for one on eBay"!

I realise that you are a retailer and that you claim to be speaking from experience, but can you point to the legislation that says that overpricing is, of itself, illegal? It is illegal to put misleading pricing on an item (eg to display two prices, only the higher of which you would actually be prepared to sell at) but as far as I am aware there's nothing to stop you putting whatever price you want to on an item provided it is clear and not misleading. The displayed price is only ever an "invitation to treat" anyway - there's no contract in place until retailer and customer agree on the actual price that is going to be paid & accepted. There's a reasonably informative debate on the subject here: https://forums.moneysavingexpert.com/showthread.php?t=3425203. (If anyone wants to refer to the Price Marking Order 2004 referenced in that thread then it can be perused here.)

There was a thread about wrong/unsigned routes being set on a "real railway forum" the other day*, following an incident during the recent Thameslink 'meltdown' when a train was routed on path that the driver didn't sign. As others have said in this thread, it happens now and again, and there are rules and procedures for dealing with it, including how to work out who to blame (and, inter alia, how to apportion the lost minutes for "delay repay" purposes). The thread linked to a rather amusing story from a London Underground driver to whom it once happened - while he was supposed to be doing route training for a new trainee! http://www.districtdave.co.uk/html/confession_time.html * It's here if anyone wants to have a read.

It was certainly fitted on 6021 Princess Elizabeth in the early 1970s, along with synchrosmoke. That was the loco that came in my "first proper train set", the Express Passenger Set (RS.609). It also included two panelled and lined LMS coaches, which didn't seem to survive very long in production.

Our HR department isn't relying on consent for employees, either current or ex. For current employees the lawful basis of processing an employee's personal data is clearly contract, since one is in place. For ex-employees it's a combination of legal requirement (eg financial records having to be retained for seven years) and legitimate interest (in particular, retaining records of employment until after the period within which the ex-employee can raise a case with an employment tribunal - I can't remember what that period is, but HR know!) After those periods have expired then the GDPR principle of storage limitation* applies, and we have to get rid. I can't really see why any other company's HR department should need to be much different. * Which was also part of the 1998 DPA, so it's not new - although far too many companies have been extremely lax about complying with it up to now. The more severe sanctions regime under GDPR is making everyone sit up and take notice, if not actual action...

That's two different things. You have the right to request that a data controller erases your personal data (the "right to be forgotten") at any time (though there are conditions under which the request can be declined eg if the data controller is legally obliged to keep such records). That is new under GDPR. Unless claiming an exemption, the data controller has to comply with the request within one month. Storage limitation was a core principle under the DPA as well. That's the one that says you can't keep personal data for longer than is necessary for the purposes for which the personal data are processed (which, again, may depend on other conditions such as the legal requirement to retain financial records for seven years). The retention period of the personal data (or the criteria by which the retention period is calculated eg "twelve months after we last hear from you") must be documented in the privacy notice issued by the data controller when they first obtain your personal data.

Just for clarity: you can't be "deemed" to have given permission. GDPR Recital 32 states that: Consent should be given by a clear affirmative act establishing a freely given, specific, informed and unambiguous indication of the data subject’s agreement to the processing of personal data relating to him or her, such as by a written statement, including by electronic means, or an oral statement. This could include ticking a box when visiting an internet website, choosing technical settings for information society services or another statement or conduct which clearly indicates in this context the data subject’s acceptance of the proposed processing of his or her personal data. Silence, pre-ticked boxes or inactivity should not therefore constitute consent. Article 7 section (1) of the regulation states that: Where processing is based on consent, the controller shall be able to demonstrate that the data subject has consented to processing of his or her personal data. What this means is that if the data controller (which would be Hornby, in the case of the OP) has previously obtained consent but cannot demonstrate it ie provide evidence of your consent, then they have to ask for it again. Simply having your name on a list of "people who have consented" isn't sufficient: they need to be able to evidence receipt of your consent eg by keeping a copy of the e-mail from you, or a record from the web server of the checkbox having been ticked on a web page. (My company is using an online survey tool to gather and record consents.) Equally, if they have been operating up to now on the basis of assumed consent - sometimes called "soft opt-in", which includes things like pre-ticked consent boxes, or statements along the lines of "by continuing to use this site you are are agreeing to these terms" - then they now have to obtain explicit consent per Recital 32. Note also that consent has to be given freely: if the terms are "consent or you won't get xxx benefit" then that's non-compliant. Any consent thus obtained is not valid and cannot be used as the "lawful basis for processing". There are other lawful bases for processing which do not require consent, such as to satisfy the performance of a contract, or what is called "legitimate interest" (to use which the data controller must be able to demonstrate that they have carried out an assessment of the balance between their legitimate interest vs possible impacts on the data subjects' rights and freedoms - a bit like a risk assessment in the H&S sphere). Too many people seem to think that consent is a magic bullet which means they don't have to think about difficult things like legitimate interest assessments (which are actually pretty straightforward*), while overlooking the downsides to consent-based processing (not least the administrative & operational overhead involved in obtaining and recording it). * Again, the similarities to H&S regulations are not accidental, and most mature organisations should already be doing this kind of stuff as a matter of good business practice. Which is the real meaning of the often wheeled-out old saying "Rules are for the guidance of wise men and the obedience of fools" - ie if you know what you're doing then none of this should be a surprise, but if you don't then stick to the rules and you should be OK. "Fool" in this case having its OED meaning: "A person who acts unwisely or imprudently" - which not the same as an idiot. (I say it's an old saying but it's unclear exactly how old. Some attribute it to Douglas Bader, although the author of 'Reach for the Sky' [the book, not the film screenplay] cited WWI RFC fighter ace Harry Day as the source. However, it's also attributed to Solon of Athens, who died in 558 or 559 BCE.) They can pass your details to third parties provided that they have told you that they are going to do that in their privacy notice (which is one reason why it's worth reading the things). Any third party that obtains your personal data from another data controller rather than directly from you has to send you their own privacy notice, and tell you where they got your data from (GDPR Article 14). It should no longer be the case that you get e-mails from random companies with no idea how they got your e-mail address. One of the major aims of GDPR is to give data subjects (ie us) more rights to control what companies like Google, Facebook & Twitter do with the information that they gather from us without our clear knowledge or active participation (eg, off the top of my head: gathering personal data about you and your contacts, to be used for targeted political campaigns, under the guise of an online "personality quiz"). Tracking, monitoring and profiling of online activity was barely thought of when the previous directive was written in the 1990s. It's everywhere now and, up until today, there was no effective regulation of such activities. Those companies make billions out of activities which were previously barely regulated, if at all. That's the main reason why the sanctions regime under GDPR is so much more severe: up to €20 million or 4% of total worldwide turnover in the preceding financial year, whichever is the higher (GDPR Article 83). By my calculation that would be $1.6 billion for Facebook, based on their 2017 turnover (although, given that their revenues increased by $13 billion over 2016, they would likely still regard that as not much more than a bump in the road; put it this way, if they'd had to pay a fine like that in 2017 their profits would still have grown by more than 40% cf 2016).

Or even vegemite on toast. I think the fact that they've basically thrown in the towel and walked away speaks volumes. They don't seem to have tried particularly hard, if at all, to work out what they were doing wrong and recover from it. That smacks of inflexibility, and a certain arrogance.

Is the platform road not a running line either, then? I press the point because there seems to be a tacit acceptance of the run-round loop being an exception to the rules which might otherwise be interpreted as applying, depending on ones understanding of the terms "running line", "loop" and "siding". If the rules don't specify an exception which covers a common configuration then it seems that it must be down the nuances of the terminology. I find it difficult to believe that railways were commonly allowed to bend the rules in this one specific instance "because it saves space and materials". There appear to be a few concessions to space constraints within the rules, but not explicitly in this case.

Could you explain why? Does the loop count as a running line?

This subject has been discussed multiple times over the years on RMWeb. I now know (or think I know) more than I knew I wanted to know about the 6ft, the 10ft, and combinations & variations thereof. I've perused the Gauge O Guild's Track Spacing and Structure Limiting Dimensions document and mentally translated the figures from 7mm to 4mm. After all that, I just have one question left: Consider your classic single track BLT terminus with a run-round loop. Working from the summary provided by Martin Wynne here, would I be right to regard the platform road as a "running line" and the run-round loop as a "loop or siding"? If so then they should be at the 10ft spacing, or ~61mm between track centres in OO - which is getting on for a whole centimetre more than the standard track centres you get with Peco streamline crossovers. Does anyone take this in to account in their layout designs? OK, that was two questions. Sorry. Just to be clear, the threads I've already read on this subject include: http://www.rmweb.co.uk/community/index.php?/topic/118289-track-spacing/ http://www.rmweb.co.uk/community/index.php?/topic/106067-passing-loop-clearance/ http://www.rmweb.co.uk/community/index.php?/topic/23043-width-of-the-six-foot/ http://www.rmweb.co.uk/community/index.php?/topic/25538-track-spacing/ http://www.rmweb.co.uk/community/index.php?/topic/93148-track-spacing-in-small-rural-goods-yard/

Instead of the trap on the bay road, have you considered a point leading to a short spur? You might choose to think up a reason for its existence but on the other hand it might simply add a bit of flexibility - as in "somewhere to stable the odd bit of stock that's not needed for anything right now".

It might be fun/instructive if someone were to go through that list and find out how many of those myths originated from the pen of the individual who later told the BBC: "...I listened to this amazing crash from the greenhouse next door over in England as everything I wrote from Brussels was having this amazing, explosive effect ... and it really gave me this I suppose rather weird sense of power." (Note that the newspaper for whom said individual worked at the time - after having been sacked from another newspaper for making up a quote - saw fit to publish this article in 2016.)

Although even EU regulations often leave room for national laws to extend the rules - or even deliberate gaps which national governments are required to fill with their own laws. I know (because I've been up to my neck these last few months in trying to interpret the thing for my company) that GDPR* has such openings for local variation. * In the formulation of which the UK ICO was closely involved, before anyone starts banging on about "faceless bureaucrats in Brussels". The ICO even has a face.