Data Protection

Below is a list of links to legal information concerning a variety of issues relating to data protection.

See also: Legal Info About Security and Email

OUT-LAW Guides (UK law)

• Overseas transfers of personal data (menu of articles)
  A selection of articles addressing the position in the UK by reference to the legal provisions and common practical scenarios, looking at how a UK data controller can fulfil its business and operational requirements in transferring personal data, whilst encouraging legal compliance.
• Checklist for compliance with the Data Protection Act
  This checklist is intended as an aide memoir for those who already understand the basics of data protection.
• How to satisfy subject access requests
  The form of the request, negotiating with the data subject, how to search systems, manual files, third party data, consent and exemptions are all discussed.
• Cookie law
  If cookies are used in a site, the Privacy and Electronic Communications (EC Directive) Regulations 2003 provide that certain information must be given to that site's visitors.
• Data Protection
  This Guide explains what you should know about data protection under the Data Protection Act 1998.
• Data Protection health check
  A series of questions and answers that ensures that the data you have complies with the Data Protection Act.
• IP addresses and the Data Protection Act
  An IP address in isolation is not personal data under the DPA, but an IP address can become personal data when combined with other information or when used to build a profile of an individual, even if that individual's name is unknown.
• NEW: Why the APEC Privacy Framework is unlikely to protect privacy
  A Framework has been proposed for Asia-Pacific nations that Google's privacy chief suggests could be the foundation of a global standard. Dr Chris Pounder suggests otherwise.
• The CAP Code
  This article is intended to set out the basic rules for marketing by email and suggest a number of practical compliance measures.
• The effect of the Data Protection Act on e-marketing
• Interview with Information Commissioner Richard Thomas
• Interview with Deputy Commissioner David Smith
• Monitoring at work survey (2003)

Recent OUT-LAW News

• Microsoft proposes new ad privacy structure
• French sites fined for linking to privacy-invading content
• Judge refuses Mosley video injunction because of internet dissemination
• Civil liberties groups challenge Data Retention Directive in ECJ
• US couple sues Google over house picture

Added-value services

Pinsent Masons has one of the largest data protection law teams in the UK. We also offer an extensive range of training services.

Contact: Louise Townsend or Rosemary Jay (Manchester, 0161 250 0100)

Useful links

Warning: The links below are to legislation, some of which may be out of date. Some Acts may have been amended many times, but when you follow the link to HMSO's website you will not see the end result of all these amendments. So be careful before relying on what you read.

• Draft Data Retention Directive 2006 (26-page PDF)
• Data Protection Act 1998
• Data Protection Code, Part 3: Monitoring at Work (91-page PDF)
• See also: Supplementary Guidance (86-page PDF) and Guidance for Small Businesses (24-page PDF)
• Data Protection Act 1998 Compliance Advice (11-page PDF)
• Data Protection Directive 1995
• Data Retention Directive (10-page / 87KB PDF, published 15th March 2006)
• Privacy and electronic communications Directive 2002
• Privacy and Electronic Communications (EC Directive) Regulations 2003
• See also: Information Commissioner's Guidance to the Regulations
• Freedom of Information Act 2000
• Freedom of Information (Scotland) Act 2002
• Human Rights Act 1998