There can also be problems with them having your personal information for example if it’s out of date or entered wrongly. You could be confused with someone else and refused a job, housing or even a place in college if they think your someone else.
The eight principals of good information handling were established to ensure your personal information is properly handled. They state that the data must be:
- fairly and lawfully processed;
- processed for limited purposes;
- adequate, relevant and not excessive;
- accurate;
- not kept for longer than necessary;
- processed in line with your rights;
- secure; and,
- not transferred to countries without adequate protection
By law, data users must keep to these eight principals.
The DPA states that you are allowed to have access to any information held about you, this is known as the right of subject access.
However, it would be impossible to create a law like this that would suit all scenarios therefore, there are some exemptions. A data subject is restricted from seeing information like: tax records, police records and exam results (prior to date of release). This is because the information is likely to affect: the way in which crime is detected or prevented, catching or prosecuting offenders and assessing or collecting taxes.
This means you cant walk into a police station and ask for your file because it holds information about you that may affect a crime. You also cant get your exam results early because if this exemption wasn’t in place, everyone would want access to their results as soon as possible and the exam boards wouldn’t be able to send it all out quick enough.
There is certain information that the data subject, in most cases, doesn’t have to register like personal data such as family, household or recreational information. The times that this information must be registered are ones like going to court.
If you find that one of the principals have not been met and you are unable to sort out the problem yourself, you can go to the Information Commissioner to see weather or not the requirements of the DPA have been met. If it is found that the requirements of the DPA have not been met, the Information Commissioner can take enforcement action against the data controller. If charged, this will be treated as a criminal offence and the data user can be prosecuted.
Overall, the aim of the DPA is to protect your personal information and stop unwanted people seeing it.