Applying exemptions under the DPA 1998—reference table [Archived]
Applying exemptions under the DPA 1998—reference table [Archived]

The following Information Law practice note provides comprehensive and up to date legal information covering:

  • Applying exemptions under the DPA 1998—reference table [Archived]
  • Guidance from the Information Commissioner
  • Exemptions reference table
  • Changes under the General Data Protection Regulation

The table in this Practice Note identifies and briefly summarises the principal exemptions available under the Data Protection Act 1998 (DPA 1998). This Practice Note should be read together with Practice Note: Exemptions under the DPA 1998.

The main exemptions are contained in Part IV and Schedule 7 of the DPA 1998. Data or processing that comes within a Part IV (Exemptions) exemption is not treated as personal data or processing of personal data for the purposes of the data protection principles (DPA 1998, Sch 1) and Parts II (Rights of data subjects) and III (Notification).

The Information Commissioner's Office (ICO) has issued general guidance on the application of the main exemptions under the DPA 1998, including on how the exemptions work and when these apply. Specific guidance is also available from the ICO on particular exemptions or scenarios, as detailed below.

For a comprehensive introduction to the GDPR, collating key practical guidance, see: Data protection toolkit.

Guidance from the Information Commissioner

As part of the general duties set out in DPA 1998, s 51, the Information Commissioner must promote good practice, the observance of DPA 1998 by data controllers, and develop appropriate codes of practice. To help data controllers interpret the statutory framework, the ICO has published a Guide to data protection, along with the following guidance:

  1. Guide to data protection—Principle 6—Subject access requests

  2. Guide to data protection—Exemptions

Related documents:

Popular documents