I recently saw a copy of a letter where someone was requesting some information they thought they were entitled to see under the Data Protection Act.
It was interesting to me to see the Data Protection act in action, I'd never seen anyone request anything using it a reason before. What it did was demonstrate just how useless the act actually is. The reply the bloke allegedly got was that he wasn't entitled to see the information because it wasn't in a relevant filing system. They expanded the act a couple of years ago to include paper filing rather than just computer data, useing the following definition:
'A Ã¢ÂÂrelevant filing systemÃ¢ÂÂ means any set of information relating to individuals, not processed automatically but which can be manually processed by reference to the individual or by reference to criteria relating to the individual so that specific information is readily accessible. Whether manual information, such as paper files and non-automated microfiches, falls within the definition is a question of fact in each case. There must be a set of information about individuals grouped together by reference to a distinct identifier, for example, a set of information on customers or employees. The information and the ease of access to it should be assessed, rather than whether the information is part of a physical file.'
As I understand from that definition, if an invoice about was filed under 'Mr Flanders Invoices' it would be covered by the act, and retrievable on request if you were Mr Flanders. If it was filed under '1 Springfield Road', it wouldn't be because the filing system doesn't identify you as an individual. So instead of the act protecting people as it's supposed to, every company just changes their filing systems to something cryptic and becomes immune. Top eh?
ODPR should just be binned. Anyone ever seen an example of it working in someones favour? There's plenty of high profile cases where it's worked against the public interest (Soham for a start).