Here you'll find information on:What the Data Protection Act is;
When the Data Protection Act was established; Who the Information Commissioner is; What the eight principles of the Data Protection Act are; Our Rights as Data Subjects; Personal and Sensitive Data; Registering with the Information Commissioner. Other Useful Links |
What is the Data Protection Act?
From the 1960s onwards, companies, governments and even some individuals began to hold data about other people.
Companies could use the data they held to ensure bills were sent to the right addresses, utility services were connected to the right addresses or simply to target advertising to the right customers. Governments held data to make sure people were taxed the right amounts, car licenses were accurate and up to date or to keep a record of any crimes a citizen may have committed.
The list is endless, but the nature of the information is often very similar - sensitive.
Much of the data being held was personal and in many cases, the person who's data was being held would not be comfortable with this data being shared.
Who could access the data? What was being held? Could it be copied? Is the data being held or moved without consent?
As a result, a piece of legislation was created to ensure that the data would be protected.
Companies could use the data they held to ensure bills were sent to the right addresses, utility services were connected to the right addresses or simply to target advertising to the right customers. Governments held data to make sure people were taxed the right amounts, car licenses were accurate and up to date or to keep a record of any crimes a citizen may have committed.
The list is endless, but the nature of the information is often very similar - sensitive.
Much of the data being held was personal and in many cases, the person who's data was being held would not be comfortable with this data being shared.
Who could access the data? What was being held? Could it be copied? Is the data being held or moved without consent?
As a result, a piece of legislation was created to ensure that the data would be protected.
The 1998 Data Protection Act
The 1998 Data Protection Act was passed by the UK Parliament to control the way information is handled and to give legal rights to people who have information stored about them.
Other European Union countries have passed similar laws as information is often held in more than one country. |
The Data Commissioner
This is the person who has the power to enforce the act. They have the overall responsibility for enforcing the Data Protection Act across the UK. It is the person an organisation must apply to in order to collect and store personal data.
You can find out more here - The Information Commissioner's Office. |
The Data Controller
This is most likely to be the person in charge of an organisation, but the role can be delegated to other, or specific members of staff.
The Data Controller is tasked with overseeing which information is collected and what it is to be used for. They must ensure that any information collected is done so within the rules and guidelines set out in the Data Protection Act. |
The Eight key Principles
1. Data must be kept secure;
2. Data stored must be relevant; 3. Data stored must be kept no longer than necessary; 4. Data stored must be kept accurate and up-to-date; 5. Data must be obtained and processed lawfully; 6. Data must be processed within the data subject’s rights; 7. Data must be obtained and specified for lawful purposes; 8. Data must not be transferred to countries without adequate data protection laws. |
Personal and Sensitive dataThe Data Protection Act mentions specific types of data that are deemed as "sensitive data" and if companies collect this data, they cannot pass it on to a third party.
Examples of sensitive data are:
|
Exemptions To The Data protection Act
|
Registration With The Information CommissionerAny organisation or person who needs to store personal information must apply to register with the Information Commissioner.
Data controllers must declare what information will be stored and how it will be used in advance. This is recorded in the register. |
Other useful sites
Teach ICT Data Protection Act - Teach ICT have a fantastic section all about the DPA.
BBC Bitesize Data Protection Act - BBC Bitesize have a good selection of resources on the topic
BBC Bitesize Data Protection Act - BBC Bitesize have a good selection of resources on the topic