« Cartoon: with recent data losses in mind | Main | Privacy, Press, the super injunctions Review and anonymous use of Twitter »



Feed You can follow this conversation by subscribing to the comment feed for this post.

Great post - and thank goodness there's someone with the persistence to stick with a disclosure request over the disgraceful seven years it has taken our elected servants to comply.

Something I don't quite get, though, is this: I can see that, if the UK DPA is not a correct transposition of the EU DPD, UK laws which claim compliance with the DPA are not necessarily compliant with the DPD...

But can you unpack, a little, why that means that acts like the ID Card Bill would be non-compliant with the ECHR or UK Human Rights Act?

The Data Protection Act and Human Rights Act are more or less joined at the hip and overlap in the area of "proportionality". The Principles can be seen as a rule book with respect to how to attain proportionality (e.g. personal data not excessive, accurate, kept secure, supporting rights of access to personal data etc).

If the DPA is questioned as it has been by the EU, it raises whether the assumption (that the Act properly defines when the processing of personal data is proprtionately processed) is correct. This is especially the case as the EU claims the Act permits wide deviations from the expected European norm.


The comments to this entry are closed.

All materials on this website are the copyright of Amberhawk Training Limited, except where otherwise stated. If you want to use the information on the blog, all we ask is that you do so in an attributable manner.