|
|
|
The Data Protection Act 1998 (DPA) is a United Kingdom Act of Parliament which defines UK law on the processing of data on identifiable living people. This regulatory standard is a main piece of legislation that governs the protection of personal data in the UK. Although the Act does not mention privacy, in practice it provides a way in which individuals can control information about themselves. Most of the Act does not apply to domestic use, for example keeping a personal address book. Anyone holding personal data for other purposes is legally obliged to comply with this Act, subject to some exemptions. The Act defines eight data protection principles.
The 1998 Act replaced the Data Protection Act 1984, and was intended to bring UK law into line with the European Directive of 1995. In some aspects such as consent for Email marketing it has been refined by subsequent legislation. For example the Privacy and Electronic Communications (EC Directive) Regulations 2003 altered the consent requirement for most electronic marketing to "positive consent" such as an opt in box.
|
|
