Skip to main content

Data Protection Act

The Data Protection Act 1998 was designed to provide a legal framework upon which to protect the privacy of personal data when used with information technology.

The Data Protection Act is UK legislation designed to place legal constraints on the use and processing of personal data.

The act gives people rights to protect themselves against any misuse of data held about them.

The first data protection act became law in 1984 before the widespread popularity of the Internet. The rapid growth of the Internet meant that information could be easily shared even between countries which do not have data protection legislation. This (and to bring it in line with European law) led to a revision of the act in 1998 which became law on 1st March 2000. The updated act covers personal data held on paper as well as computer and makes it illegal for data transfer to countries that do not have appropriate data protection laws and rights.

The data protection act has two general purposes:

  1. The rights of individuals about which data is held and what they can do regarding data held about them.
  1. The responsibilities of the data users and processors.

Next: The Eight DPA Principles