Abstract
This Article critiques the court’s decision in Durant and uses the issues of the case to further analyze the appropriate parameters of personal data and subject access rights under data protection laws in Europe. Part II surmises the notions of privacy and data protection to help show the ambiguity in the rights being codified in data protection statutes. A brief synopsis of the emergence of data protection laws in Europe are presented in Part III, followed by an overview of the Directive and data protections laws in the United Kingdom in Part IV. With the necessary understanding of the technical terminology used in the Directive and DPA, Part V then discusses the Durant case.
Part VI offers a critique of the court’s statutory interpretation, pointing out three specific instances where the court erroneously ignored drafters’ intent. The statutory analysis will serve to highlight how the shortcomings are in the court’s interpretation of UK data protection law; the law itself does not require reform. In Part VII, this Article will use the Durant rationale for limiting the definition of personal data to show that the current scope of personal data is necessarily “sweeping” and not subject to any narrowing interpretation. Next, Part VII highlights the variables needed to create a more limited personal data definition; the discussion shows the difficulty in eliminating certain categories of data from the personal data definition. With necessarily broad personal data definition in mind, Part VII then argues for a reevaluation of the subject access provisions in European data protection laws.
This Article concludes by challenging those opposed to the current breadth of the personal data definition to develop a more limited definition based on the issues and dilemmas discussed. An additional challenge is posed to those in favor of the current scope of personal data—to develop a limiting framework for subject access rights accounting for both the need to provide a high level of privacy protection and the ongoing and future problems in the current framework.
Recommended Citation
Rempell, Scott
(2006)
"Privacy, Personal Data and Subject Access Rights in the European Data Directive and Implementing UK Statute: Durant v. Financial Services Authority as a Paradigm of Data Protection Nuances and Emerging Dilemmas,"
Florida Journal of International Law: Vol. 18:
Iss.
3, Article 2.
Available at:
https://scholarship.law.ufl.edu/fjil/vol18/iss3/2