A very peaceful, happy and prosperous new year to you,
With the globalization of business, and the increasing number of financial and communication companies owned by corporations, it is useful to know what laws are there to ensure the protection of the individual and their personal information.
The main Irish law dealing with data protection is the Data Protection Act 1988. The 1988 Act was amended by the Data Protection (Amendment) Act 2003 which brought our law into line with the EU Data Protection Directive 95/46/EC.
The act provides protection for the privacy rights of individuals in relation to the processing of their personal data. We all supply information to banks, insurance companies, telecommunications companies and many others in order to avail of services or satisfy obligations.
Organisations and individuals also independently obtain information from other sources, for example the Credit Bureau provides credits reports to financial institutions, some or most of these organizations are profit driven large corporations who have no personal responsibility to you, but the Data Protection Act provides protection, your rights under the Act are summarized here:
1. The right to have your personal information obtained and processed fairly, kept securely and not illegitimately disclosed to others
2. The right to know the identity of the person or organisation holding data about you and the purpose they had for obtaining your personal information
3. The right to get a copy of your personal information
4. The right to be informed, on request, if personal data is held in relation to you
5. The right to have your personal information corrected or deleted if inaccurate
6. The right to prevent your personal information being used for certain purposes
7. The right to stop unwanted mail
8. The right to stop some specific uses of your personal information
9. The right to have human input in the making of important decisions relating to you
10. The right to prevent you receiving direct marketing phone calls, emails or text messages that you don’t want
An example of how this can effect a person is when changing phone company who can apply arbitrary charges such as deposits and when asked, will not give information on why they have applied the charges. One way to approach them, which will ensure a response, is to submit a request for information under the Data Protection Act
To make an access request you must write by post or email to the organisation or individual concerned asking for a copy of the data. A request letter could say:
I wish to make an access request under the Data Protection Acts 1988 and 2003 for a copy of any information you keep about me, on computer or in manual form. ……
To find out more detail about the Data Protection Act, www.dataprotection.ie provides full details and some training videos and slide presentations.