Online Data protection

Understanding the Legislation

Current state of information gathering has evolved far in the last decade. There are a lot of rising concerns on the safety of stored electronic data. The Data Protection Act of 1998 by the English Parliament was set in place to assuage fears regarding this matter. At its core, its main purpose is to protect living individuals’ data from abuse. There are three prime requisites for the act to take effect. First, the data must be stored electronically. Second, the data must pertain to a living person. Third, the living person must be identifiable through the electronically stored data. All three must be present for the act to take effect and once it does there are certain principles that should apply. Here, we shall discuss them in brief.

The Date Protection

The Data Protection Act basically states, among others, that personal data should always be processed lawfully and fairly. The data should have been collected through lawful means and for a lawful purpose. The processing of the data should also be compatible with said purpose. The collected data must not be kept for longer than required of the purpose. The amount of data collected must be of an amount adequate for the purpose it was collected, no more and no less. Said data should be current and accurate. There should be safeguards in place in order to protect the data electronically stored against illegal or unlawful processing, damage, destruction, or accidental loss. As an added protection, the act also states that any data covered by its purview cannot leave the European Economic Area unless the destination of the data also provides adequate protection of said data.

The Data Protection Act is well known for its complex provisions and here we have attempted to simplify it without losing much of its more important key principles. While its core tenets have been more or less preserved and clear, the act has been open to several interpretations. Some individuals and corporations have used the act to refuse access to data that is already public anyway.

There are certain exceptions to the act’s coverage. The most notable ones are for reasons of national security, crime and taxation, and for domestic purposes. The act also explicitly states that failure to comply with specific provisions shall be considered as criminal and/or civil offenses. Some of these are the unlawful collection of personal data, failure to register with the proper governing body as an entity that collects data that falls under the act’s purview, and requiring a person to provide data containing information on previous convictions and other related matters.