solicitors law firm, London, UK
information technology solicitors

intellectual property law firm

digital media legal advice		 commercial solicitors and corporate lawyers

ecommerce legal advice, and Internet Lawyers

litigation solicitors and dispute resolution
telephone +44 (0)20 7278 1817 fax +44 (0)20 7278 1835
HOME | DIRECTORY | SEARCH
Solicitors: Technology & Internet
 
 

Technology &
Internet Law

Personal Data - Some Clarity

A recent Court of Appeal decision in the case of Durant v Financial Services Association has brought some welcome clarity on the meaning of "personal data" for purposes of the Data Protection Act 1998.

In the first substantial case on the subject, the Court of Appeal has looked closely at the meaning of "personal data" in the context of requests by individuals by data held by a third party. Whilst in this case the applicant, Mr Durant was unsuccessful, the Court of Appeal gave some important guidelines for the future on what they will regard as constituting "personal data".

It is important to remember that under the Data Protection Act 1998, the protection afforded to individuals in the form of the right to get access to the information held by someone is that the data must first be "personal data". In deciding against Mr Durant, the Court of Appeal looked at the fundamental purpose of the Act, which is "to enable an individual to obtain from a data controller's filing system, whether computerised or manual, his personal data that is information about himself". This is to enable an individual to check whether a data controller's processing of his data unlawfully infringes his privacy, and to enable the individual to protect it, if appropriate.

The Court expressly stated that the Act was not there to provide an automatic right of access to all information. In particular, in this case, the applicant could not use it in order to gain access to documents to assist him in his litigation against a third party. The mere mention of the individual's name in a document does not of itself amount to personal data but it may well do if other circumstances are present.

This is very helpful to employers and e.g. publishers that find themselves receiving frequent requests for information held by them on individuals. For an employer or other data controller to have to disclose the information, the personal data has to have the relevant individual "as its focus rather than some other person with whom he may have been involved". In other words, there must be an element to which it is "biographical in a significant sense" and effect "his privacy, whether his personal family life, business or professional capacity", not just the mention of his name.

The Act is designed to protect fundamental rights and freedoms, notably the right to privacy, and not to give freedom of information. So, even where data is held manually but is sufficiently systematised to come within the Act, some data may not now be regarded as personal data and, therefore, is not protected. As always, employers and other holders of data have to look closely at nature of the information before making a decision as to whether or not it has to be disclosed.

This case will significantly affect the advice we give to some clients in assisting with data protection law compliance as well as the training we provide to our clients' staff and as a general rule should be welcome by business since it somewhat reduces the burden of an Act that is very onerous, albeit desirable to protect an individual's rights.

NEED TO KNOW MORE?

For further information, contact Maitland Kalton or Julian Danobeitia.  Should you prefer to telephone, call us on +44 (0)207 278 1817.

Kaltons Solicitors, Suite 302, Spitfire Studios, 63-71 Collier Street, London, N1 9BE. Telephone +44 (0)20 7278 1817; Fax: +44 (0)207 278 1835.

© Kaltons Solicitors 2005.  All rights reserved.

uk, Solicitors London
  HomeLegal NoticesSitemapContact Us
 
© Kaltons Solicitors & Lawyers 2004 - 2005.