The Data Protection Act is a piece of legislation in effect in the United Kingdom for controlling the permissible extent to which data can be compiled, collected and registered in regard to the personal details of people. Any Data Protection Act summary which seeks to elucidate the functioning of the Data Protection Act and its effect on those people living in the United Kingdom should refer, at least in part, to the legislative history of this law.
In this regard, then, the main framework for the Data Protection Act should be noted as deriving from a law which was passed in 1998 to modify earlier legislation which had been passed in 1984. Moreover, the basic Data Protection Act summary had to be altered somewhat after further legislative changes were enacted in 2003 to change some of the provisions contained in the legislation.
In that the Data Protection Act was passed with a mind to specifically provide for eight specific principles related to information processing, any effective Data Protection Act summary should be further sought after as providing for an understanding of these points.
In this respect, the Data Protection Act summary which has been issued specifies that U.K. personal details cannot be used non-consensually, for non-specified purposes, for unspecified periods of time, or freely outside of the European Economic Area, and that they must accessible to the people they pertain to, and open to such corrections as those individuals might issue, as well as adequately guarded against security violations and breaches.