Data protection and identity theft
The Data Protection Act controls how your personal information is used by corporations or the government. Its rules require everyone who collects data to follow strict rules, and to keep your information safe. This page explains how it works.
Protecting your information
The Data Protection Act's rulesare quite complex, but at the heart of it are eight common sense rules known as the 'data protection principles'.
These principles require any organisation, corporation or governmental body that collectspersonal information to handle it safely. Anyone collecting personal information must:
- fairly and lawfully process it
- process it onlyfor limited, specifically statedpurposes
- use the information in a way that is adequate, relevant and not excessive
- use the information accurately
- keep the information on file no longer than absolutely necessary
- process the information in accordance with your legal rights
- keep the informationsecure
- never transferthe information outside the UK without adequate protection
All organisations collecting and using personal information are legally required to comply with these principles.
The law provides stronger protection for more sensitive information - such as your ethnic background, political opinions, religious beliefs, health, sexual life or any criminal history. It is enforced by an independent information commissioner, who can take action against any company or governmental body that fails to protect your information, or that abuses its right to collect and hold that information.
Finding out who knows what about you
The Data Protection Act gives you the right to find out what information about you the government and other organisations store. This is known as the 'right of subject access'. If you submit your request in writing, they are legally required to provide you with a copy of all the information they hold about you.
Some agencies or corporations may charge a fee for providing the information, but they are only allowed to charge up to 10 for digital information, or 50 for printed (i.e. non-electronic) medical records. Finding out what information about you credit reference agencies hold costs 2.
Stopping direct marketing
Some people resent the way companies and government agencies contact them directly by phone, post or even fax. You have the right to stop these direct marketing campaigns from using your personal information to contact you.
All you have to do is register your details with one of the 'preference services', which allow you to opt out of direct marketing altogether.
The links below offer more information about how you can opt out
This content is subject to Crown Copyright