Personal Data in UK Law

In this Topic
Leading Cases
  • Durant v Financial Services Authority
    • Court of Appeal (Civil Division)
    • 08 Diciembre 2003

    The question is the meaning of the words "relate to" in the opening words of the definition, in particular to what extent, if any, the information should have the data subject as its focus, or main focus. Miss Houghton, on behalf of Mr. Durant, pitched Mr. Durant's entitlement to information under section 7 in very broad terms, relying on what she described as the extremely wide and inclusive definition of "personal data" in section 1(1).

    In conformity with the 1981 Convention and the Directive, the purpose of section 7, in entitling an individual to have access to information in the form of his "personal data" is to enable him to check whether the data controller's processing of it unlawfully infringes his privacy and, if so, to take such steps as the Act provides, for example in sections 10 to 14, to protect it.

    Mere mention of the data subject in a document held by a data controller does not necessarily amount to his personal data. The first is whether the information is biographical in a significant sense, that is, going beyond the recording of the putative data subject's involvement in a matter or an event that has no personal connotations, a life event in respect of which his privacy could not be said to be compromised.

  • Alireza Ittihadieh v 511 Cheyne Gardens Rtm Company Ltd and Others
    • Court of Appeal (Civil Division)
    • 03 Marzo 2017

    In some cases, it has been said that the supply of information does not tell the data subject anything he or she did not already know. To take a simple example: everyone knows their own name and date of birth. Moreover where the focus of a SAR is (as is often the case) a request for copies of documents rather than personal data, the fact that the data subject was either the author or recipient of the document in question would also be highly relevant to the exercise of discretion.

    Even so, it is not an obligation to supply documents: Dunn v Durham CC [2012] EWCA Civ 1654, [2013] 2 All ER 213 at [16]. It is of critical importance to distinguish between the two. Although it may be more convenient and cheaper in some cases for a data controller to supply copy documents, there is no legal obligation to do so. This is, I think, borne out by article 12 of the Directive which requires the data controller to inform the data subject of the " categories of data concerned".

  • Common Services Agency v Scottish Information Commissioner (Scotland)
    • House of Lords
    • 09 Julio 2008

    But in my opinion the fact that the Agency has access to this information does not disable it from processing it in such a way, consistently with recital 26 of the Directive, that it becomes data from which a living individual can no longer be identified.

  • R (on the application of Catt) v Metropolitan Police Commissioner; R (on the application of T) v Metropolitan Police Commissioner
    • Supreme Court
    • 04 Marzo 2015

    For this purpose, the rules need not be statutory, provided that they operate within a framework of law and that there are effective means of enforcing them. Their application, including the manner in which any discretion will be exercised, should be reasonably predictable, if necessary with the assistance of expert advice. It is enough that it lays down principles which are capable of being predictably applied to any situation.

See all results
See all results
Books & Journal Articles
See all results
Law Firm Commentaries
See all results

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT