Nevertheless the subject is inescapable, and increasingly important, as the mass of personal information held about each of us by both public and private sector bodies continues to expand. The 2007 HMRC data disaster – when two CDs containing the child benefit database were mislaid – prompted a heightened awareness of data security; as a result, the Information Commissioner was given the power to impose monetary penalties of up to £500,000 for serious breaches of DPA 1998.
More recently, the Leveson Inquiry has focused attention on the role of data protection in relation to the media. Most members of the Bar will have to consider DPA 1998 at some point, either when advising clients, or in relation to their own role as “data controllers” under the Act.
The 4th edition of the leading practitioner text, Rosemary Jay’s Data Protection Law and Practice, is therefore extremely welcome. The author has 25 years’ experience in the field, working for the Information Commissioner and then for two leading law firms; she is assisted by three expert co-authors. For breadth of coverage and depth of analysis, the book has no serious competitor.
The 1998 Act – and the 1995 Directive that it implements – are at its heart, but there is also detailed consideration of related issues: eg, privacy rights under the Human Rights Act 1998, the monitoring of communications, and access to criminal records. The mass of material is well organised, and a summary of main points at the start of each chapter helps the reader to acquire a sense of the subject’s overall structure. The dearth of case law on many of the issues covered only serves to emphasise the importance of the analysis provided. In short, every practitioner will need access to this book; and every chambers library should have a copy.
Timothy Pitt-Payne QC of 11KBW practises in information law, public law, local government law, and employment law.