Data Protection

History Lesson: Legislation Protecting our Personal Data

The protection of personal data in the UK is covered by the Data Protection Act 1998. The authors of the legislation had to balance the conflicting interests of protection of personal information with that of many businesses and services which rely on obtaining and keeping records of people’s personal data. In doing so, the writers came up with a somewhat complex piece of legislation.

There are; however, eight key principles of the Act, which are quite straightforward and brief. Data handlers must ensure that data is:

1. Fairly and lawfully processed

2. Processed for limited purposes

3. Adequate, relevant and not excessive

4. Accurate

5. Not kept for longer than is necessary

6. Processed in line with individuals' rights

7. Secure

8. Not transferred to countries without adequate protection.

If you believe that your data has not been protected in keeping with these principles, you may have suffered a breach and should speak to a solicitor about what to do next.

The 1998 Act replaced legislation including the Data Protection Act 1984 Act and Access to Personal Files Act 1987. The 1984 Act came into force because of the increased use of computers in the late 1970s and early 1980s. The intention of this Act was to protect personal information about people where their information had been stored on a computer. It obliged organizations holding personal data to register with a Registrar and agree to abide by the principles of information protection outlined in the Act.

The Data Protection Act 1998 was introduced with the specific aim of protecting individual’s explicit right to privacy (which had not been discussed at all in previous legislation). This concept of privacy had, however, already been introduced a 1995 EC Directive, and so the 1998 Act was able to build on this. In addition the new legislation specified conditions for the processing of data, tightened restrictions on the use of particularly sensitive information and broadened the definition of data to include some details held on paper.

Since its enactment, the 1998 Act has been refined in some aspects because of the advance in technology. Most notably, The Privacy and Electronic Communications (EC Directive) Regulation 2003 altered the consent requirement for most electronic marketing to "positive consent" (eg. an opt-in box). For a further understanding of your up to date data protection rights, speak to a solicitor today or visit The Information Commissioner’s Office website.

Disclaimer

Stay Updated

Quick Search

Here's a really quick way to begin your search:

I need services for:

Latest Articles

Can't find what you're looking for? Try our Advanced Search

Special Offers

Free Newsletter

Subscribe to our free newsletter and stay up-to-date with all the latest offers, news and much, much more...