ABSTRACT
The UK has implemented Directive 95/46/EC via the Data Protection Act 1998, which received Royal Assent in June 1998, and was brought into force on 1 March 2000. Subsequently, minor modifications to the Act have been introduced by the Freedom of Information Act 2000. These include new duties for the Information Commissioner, a new name, a general right of access to all types of 'recorded', information held by public authorities and those providing services for them. This chapter provides data subjects with rights to access, to prevent processing likely to cause damage or distress, and to prevent processing for purposes of direct marketing, in relation to automated decision-making, to compensation for damages causes by processing, and to obtain rectification, blocking, erasure and destruction of data through a Court. The act of anonymization is to some extent a controversial issue in UK law, and the prevailing assumption is that the Data Protection Act does not cover the anonymization of data.
