LONDON - The Federation of Student Islamic Societies (FOSIS) has expressed its concerns following the disclosure that universities in the UK have been illegally providing British counter-terrorism police with personal details, which breaches the 1998 Data Protection Act. FOSIS, representing over 90,000 Muslim students in the UK, is now advising students of their legal rights after the disclosure. Universities and students unions have an obligation to uphold the rights of their students to the best of their ability; this includes refraining from disclosing their personal data to third parties in the absence of a warrant obliging them to do so or without their prior consent, FOSIS said. This not only undermines trust and promotes a climate of fear on campus but it is also irresponsible and illegal, it warned. The legal guidelines being issued this week comes after it was exposed that the students union at University College London contravened many the principles of the Data Protection Act when handing over membership information of Islamic societies to police carrying out investigations following the alleged bombing plot at Detroit airport on Christmas Day planned by a Nigerian, Umar Farouk Abdulmutallab. Last week, James Hodgson, UCLU Student Activities Officer, admitted that mistakes were made when mobile phone numbers and email addresses of Islamic Society and Medical Islamic Society members were released to Anti-Terror Police, without a legal requirement to do so. It is now a UCLU policy to not release data, unless it is legally binding to do so, Hodgson said after issuing an apology to Muslim students. FOSIS said it sympathised with the British security services in their grave task of ensuring the safety and security and would continue their proactive dialogue with them. However, the responsibility and goodwill applies to all parties including upon universities, students unions and the security services. Universities should be safe zones for students to engage and debate various (even highly controversial) issues so long as they do not contravene the law, it said. The guidelines provides details of data protection provisions and other legal aspects as well as offering an example letter to prevent the disclosure of personal details without the permission of students.