The Data Protection Act 1998 – The Act regulates the processing of information relating to individuals, including the obtaining, holding, use or disclosure of such information by organisations, businesses or the government. Everyone who is responsible for using data has to follow strict rules called ‘data protection principles’. The Act was introduced as a result of the European Directive on data protection,95/96/EC. The Government website has more details about the Act, what personal data an employer can keep about an employee, how to find out what data an organisation has about an employee and making a complaint.
The Information Commissioner’s Office – The Office is the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals. It can help a person find out what personal information is held about them, prevent unwanted nuisance telephone calls, get official information from a public body and stop spam texts and unwanted SMS messages. Its website details how the Office can help in these areas as well as how to register an organisation which processes personal information electronically. It also details the responsibilities and obligations of people who handle personal information about individuals. It provides detailed guides to a number of sectors including charity, police, justice and borders, education, finance, health, local authority, marketing, MPs and political parties and small businesses. It also offers advice on CCTV and on ‘bringing your own device’ to work.
Freedom of Information Act 2000 (FOI Act) – The Act entitles anybody to ask a public authority in England, Wales and Northern Ireland, including Government Departments, for any recorded information that they keep. The Act gives the public greater access to information about how decisions are taken in Government and how public services are developed and delivered. A public authority has a legal obligation to provide information through an approved publication scheme and in response to requests.
Requesting Information under the Freedom of Information Act – The Government’s website provides information about the Act, which organisations you can request information from, how to make a request and what to do if the request is turned down.
JISC Legal Information – Hosted by the University of Strathclyde, JISC Legal Information is a charitable body which works to ensure that legal issues do not become a barrier to the adoption and use of new information and communications technologies in further education, higher education and specialist colleges.
The Campaign for Freedom of Information – The organisation played an important part in persuading the Government to introduce the Freedom of Information Act. It was established in 1984 and is non-profit making. It advises the public on using the Freedom of Information Act, encourages good practise by authorities, provides training and tries to improve how the act works.
The BBC – On its website the BBC provides an explanation of the FOI Act, how the BBC uses the Act and how to request information from the BBC. It also provides details of what information it publishes about itself.
The Privacy and Electronic Communications (EC Directive) Regulations 2003 – These regulate direct marketing activities by electonic means – by telephone, fax, email etc. They also regulate the security and confidentiality of such communications, with rules governing the use of cookies and ‘spyware’. See the York University website for details of the Regulations. Further guidance can be obtained from the Information Commissioner’s Office.
Parliament – The House of Commons and House of Lords are required under the Freedom of Information Act 2000 to make information that they hold available to the public. Information must be made available proactively via publication schemes which have been approved by the Information of Commissioner’s Office. Also anyone is entitled to make a request for access to information held by either House, that is not already publicly available. The requested information must be disclosed unless an exemption applies. The Data Protection Act 1998 also requires the Houses to comply with certain principles regarding the way personal data is processed.
The Constitution Unit – This is the main research centre within University College London’s Department of Political Science. It has published a guide to the Data Protection Act 1998 which covers the main compliance issues and highlights possible pitfalls. It is aimed at officials in public authorities whose day-to-day work involves handling personal information about members of the public but who are not specialists in data protection.
Data Guidance – This is a subscription data protection and privacy compliance resource tool. It delivers, in one site, legal and regulatory information from all relevant data protection and privacy sources globally. It gathers together all the legislation, official guidance and codes of practice in one place. It provides straightforward notes on key issues such as e-mail marketing, employee monitoring and data breaches.