A restrictive interpretation of the Data Protection Act 1998 (”the Act”) will limit subject access requests1. Businesses may welcome the Court of Appeal’s judgment from Durant v FSA [2003], as it might make their obligations under the Act easier to fulfill.

The case of Michael John Durant v Financial Services Authority [2003] EWCA Civ 1746 – Court of Appeal focuses on the right of an individual to access his or her personal data held by an organisation. After a dispute with his bank, which involved the bank successfully applying an exemption which denied him the right of access to his data, Mr Durant complained to the Financial Services Authority (”FSA”).

Although the FSA investigated his complaint, it did not reveal detailed information about its investigation to Mr Durant. The FSA made available documents in computerised format but refused him access to manual files, claiming that the information sought was neither “personal” nor part of a “relevant filing system”. Mr Durant appealed.

The Court of Appeal held that:-

The purpose of the subject access provision is “…to enable [an individual] to check whether the data controller’s processing… unlawfully infringes his privacy and, if so, to take such steps as the Act provides (i.e. blocking or rectification)… It is not an automatic key to any information, readily accessible or not of matters in which he may be named or involved.”

Records that make reference to an individual are not necessarily “personal data”;

The records must be relevant or proximate to the individual (i.e. significantly biographical or of which the individual was the focus of attention). In deciding on a case-by-case basis whether information falls within the Act, two factors are relevant:

“…Whether the information is biographical in a significant sense, that is, going beyond the recording of the putative data subject’s involvement in a matter or event that has no personal connotations…
…information should have the the putative data subject as its focus rather than some other person with whom he may have been involved or some transaction event…In short, it is information that affects his privacy, whether in his personal or family life, business of professional capacity”;

It is not sufficient that the records just relate to something in which the individual was involved;

The records must contain “information that affects [the individual's] privacy, whether in his personal or family life, business or professional capacity” – “It is likely in most cases that only information that names or directly refers to [a data subject] will qualify and “not all information retrieved from a computer search against an individual’s name or unique identifier is personal data within the Act”;

The definition of “relevant filing system” in relation to manual filing systems (i.e. paper-based) are those which are clearly structured, in a manner akin to computerised records, and within which the data must be readily accessible for reasons of practicality, easily identifying the fact that it contains personal data relating to the individual;

There must be clear warning to litigants that the Act: “…is not an automatic key to any information, readily accessible or not, of matters of matters in which he may be named or involved. Nor is to assist him…to obtain discovery of documents that may assist him in litigation or complaints against third parties.”

The Court ruled that Mr Durant should not be given the documents requested as, “mere mention of the data subject in a document held by a data controller does not necessarily amount to his personal data”.

Mr Durant is awaiting permission to challenge the Court of Appeal’s ruling in the House of Lords.

Request by data subjects or individuals for the data that a company holds in relation to the individuals

If you require further information contact us.

Email: enquiries@rtcoopers.com

© RT COOPERS, 2005. This Briefing Note does not provide a comprehensive or complete statement of the law relating to the issues discussed nor does it constitute legal advice. It is intended only to highlight general issues. Specialist legal advice should always be sought in relation to particular circumstances.

By: Rosanna Cooper

Data entry is a very lucrative means of earning a living. An average service provider will earn at least $200 in a day. However if you are a beginner be realistic in your earning expectations because there are still so many things for you to learn. A daily income of $20-30 is much more reasonable. You may start taking bigger and challenging projects once you are already familiar with the basic rudiments of the job and you may start working for your target income. There are three paying methods used in this occupation and they are the following: fixed priced, hourly and per word.

Per Word
Traditional data entry job will require you to key in text or numerical information and save in a format requested by a client. You will be paid depending on the number of words you have typed. Clients will usually set a standard on the minimum number of words that you have to type in a minute and the accuracy rate that you have to satisfy. Failure to meet a the standards of a client would mean losing a project to a much more efficient service provider. This is best suited for people who have clerical experience and have a fast typing speed.

Fixed Price
In this payment method a client will set a fix price for a project and will clearly outline the completion date. You will find job leads in free online job sites such as Odesk.com. You can apply and bid lower if you wish to increase your chances of being awarded the project. You will receive payment if you were able to accomplish the job within the deadline date and your work quality has passed the client’s standards.

Hourly Rate
You will be required to log in on an online remote work diary at an agreed time. Your pay will be counted based on the number of hours worked multiplied to your hourly rate. Time logged on hourly assignments is automatically accounted and paid according to the pay schedule.

If you are new in this business it is advantageous to enroll in a program so that you will receive training and guidance on how to start up your business. The National Data Entry is not only reputed for its legitimate and practical training courses. It offers a unique service where members are given one-on-on coaching. A highly trained consultant will give you personal guidance on how to conceptualize a stratagem so that you will achieve your earning goals. For more detailed information just click the link below.

By: Jenny D. Axalan

You are simply fooling yourself if you believe the information on your computer belongs to you only. Unless you have some top of the line data protection programming on your computer system though other people can be looking at your files. This can be scary if you have any files on your computer that you don’t want others to see.

This can be your bank account, passwords you use to access your online accounts, and possibly some piracy you have engaged in for movies or music. Too many of us are comfortable thinking that since our computer is in our home it is safe from others accessing it.

With a quality data protection software program you have the lock to keep your computer files secret. There are two different types of data protection programs you can choose from. One of them prevents outsiders from being able to access your computer files. This type of data protection software includes a firewall that hackers can’t penetrate. They also protect your passwords.

These are great ways to ensure data protection but remember that hackers are pretty smart. They have sophisticated software too. To make sure your information can’t be compromised go for a data protection program that offers high tech encrypting. If you have the Windows Vista operating system then you will find these encrypting algorithms already in available to you. Otherwise you can buy a quality data protection software program from a retailer or a computer store.

The problem of identity theft is out of control these days, and the majority of it is taking place online. Hackers have found ways to get into a person’s system and before they know what happened their bank accounts are empty and their credit cards are maxed out. The person who hacked into the account is very rarely caught so many criminals think this is a safe way to make money fast. Don’t let your personal information be easily accessible so that you become their next victim.

With the right data protection system in place you can breath easier about the transactions you do online. The internet offers us plenty of convenience but don’t fool yourself into thinking all of your information is safe because no one has physical access to your computer.

By: Caleb Liu