The Data Protection Act, a United Kingdom privacy and information security law, was passed into its primary, current form through a 1998 Act of Parliament, as succeeded earlier, Thatcher-era legislation.
This 1990s version of the Data Protection Act was, however, modified in its own right through the later changes enacted as the Data Protection Act 2003, as might be referred to, more specifically, as the Privacy and Electronic Communications (EC Directive) Regulations 2003. As with the immediately succeeded effort in the realm of the Data Protection Act, the Data Protection Act 2003 can be noted as occurring under the oversight of the European Data Protection Directive.
One of the most noted and immediately pertinent aspects of the Data Protection Act 2003 consisted of the measures it took against the occurrence of so-called direct marketing. In this way, the Data Protection Act and its provisions were compared to the near American equivalent of the “Do not call” registry. As with that measure, the Data Protection Act 2003 did not allow people freedom to call others with previously recorded messages for the purpose of advertising products or services to them.
In this respect, the modifications effected to the Data Protection Act created the need for such direct marketers to obtain permission from their target audience before being allowed to permissibly send directing marketing messages their way. That being said, the Data Protection Act 2003 was limited in the area of its scrutiny, unlike its U.S. counterpart, to those messages specifically sent by phone, as opposed to text messages or e-mails.