Data Protection Act
Read the Data Protection Act 1998 in full.
The Annotated Data Protection Act 1998 includes references to laws that have impacted on the Data Protection Act since it was introduced.
Privacy and Electronic Communications Regulations
Read the Privacy and Electronic Communications Regulations in full.
These regulations were amended in 2004 and again in 2011. The changes are set out in:
- The Privacy and Electronic Communication Regulations (EC Directive) (Amendment) Regulations 2004 - to enable companies and other corporate bodies to register with the Corporate Telephone Preference Service.
- The Privacy and Electronic Communications Regulations (EC Directive) (Amendment) Regulations 2011 - amend various provisions, including the rules on cookies, breach notifications and the Commissioner's powers.
European Commission Regulation 611/2013 sets out more detailed rules on notification of security breaches.
Freedom of Information
Read the Freedom of Information Act in full.
There are a number of Statutory Instruments which relate to the Freedom of Information Act. This is legislation which provides more detail and in some cases further obligations for organisations. Relevant Statutory Instruments include the following:
- The Freedom of Information and Data Protection (Appropriate Limit and Fees) Regulations 2004 (the fees regulations).
- The time limits for responding to requests are in section 10 of the Freedom of Information Act, but The Freedom of Information (Time for Compliance with Request) Regulations 2004 give the time limits for maintained schools, archives and the armed forces.
- Some legislation that prevents the disclosure of information has been repealed or amended. This is listed in the Freedom of Information (Removal and Relaxation of Statutory Prohibitions on Disclosure of Information) Order 2004.
Other Statutory Instruments relating to the Freedom of Information Act, including those which amend the list of bodies covered by the Act, are available on legislation.gov.uk.
The Section 45 Code of Practice sets out the practices that public authorities should follow when dealing with requests for information under the Act.
Environmental Information Regulations
Read the Environmental Information Regulations in full.
The Code of Practice on the discharge of the obligations of public authorities under EIR sets out good practice recommendations for public authorities to follow in meeting their obligations under the Regulations.
The Regulations implement the European Union Directive on public access to environmental information and the Directive therefore assists in the interpretation of the Regulations.
The Directive in turn is based on the Aarhus Convention. This is an international agreement, part of which sets out the obligations of the signatories in terms of providing access to environmental information. Both the European Union and the
Read the INSPIRE Regulations in full.
You can also read more about the INSPIRE regulations and the role of the ICO.
The Section 46 Code of Practice gives guidance on good practice in records management. This is relevant to both the Freedom of Information Act and the Environmental Information Regulations.
Scottish public authorities
The Freedom of Information Act, Environmental Information Regulations and INSPIRE regulations only apply to public authorities in England, Wales and Northern Ireland. Access to information held by Scottish public authorities is provided by the Freedom of Information (Scotland) Act 2002 and the Scottish Environmental Information Regulations. Scotland has complementary INSPIRE Regulations. For more information on Scottish legislation visit the Scottish Information Commissioner's website.