The UK Data Protection Act of 1998: Summary & Principles

Instructor: Kaitlin Oglesby

Kaitlin has a BA in political science and experience teaching.

The UK Data Protection Act of 1998 plays an important role in determining how companies and other organizations can use the data that they collect on individuals who access their services.

What Is the UK Data Protection Act of 1998?

With the increasing role of the internet and other forms of electronic communication, the fate of all that data collected by individuals has emerged as an important legal question. How much knowledge about someone is too much? Should companies be able to tailor online marketing materials perfectly to one person? At least partly motivated to answer these questions, the UK Data Protection Act of 1998 was passed to govern exactly how data should be handled by those who collect it.

To keep everything clear, two terms should be defined right away. A data user is someone who uses all of that information that has been gathered, while a data provider is the subject of the information in question.

Place Within EU Law

Because the United Kingdom is a member of the European Union, it's worth noting that the motivation for passing the UK Data Protection Act of 1998 pretty much came from a mandate of the European Union. In 1995, the Data Protection Directive required every state in the EU to take measures to protect the privacy of their citizens. The UK Data Protection Act of 1998 worked to help make sure that the private information of UK citizens was protected.

What Does the Act Do?

To be clear, only information that's actually useful in identifying a specific person is protected by the Act. For example, information that only identified someone as a college graduate or as a fan of a particular sports team is exempt.

However, given the amount of times that people fill out forms online with their actual names, phone numbers, and addresses, there's still quite a bit of data that does fall under the jurisdiction of the Act. In short, there are plenty of data providers out there. As such, it's required that people have the right to review that data, and that the cost for doing so is given a cap, or a maximum limit. For example, credit reporting agencies have to provide all data that they have on an individual for a fee of less than ten dollars.

Another important part of this you should remember is that companies and organizations can only collect data for certain reasons. They can't just collect it for the sake of having it; instead, they need to demonstrate that they have a reason for keeping up with it all. Data users also need to meet minimum requirements of protecting the information of the data providers.

To unlock this lesson you must be a Member.
Create your account

Register to view this lesson

Are you a student or a teacher?

Unlock Your Education

See for yourself why 30 million people use

Become a member and start learning now.
Become a Member  Back
What teachers are saying about
Try it risk-free for 30 days

Earning College Credit

Did you know… We have over 200 college courses that prepare you to earn credit by exam that is accepted by over 1,500 colleges and universities. You can test out of the first two years of college and save thousands off your degree. Anyone can earn credit-by-exam regardless of age or education level.

To learn more, visit our Earning Credit Page

Transferring credit to the school of your choice

Not sure what college you want to attend yet? has thousands of articles about every imaginable degree, area of study and career path that can help you find the school that's right for you.

Create an account to start this course today
Try it risk-free for 30 days!
Create an account