Proportionality, privilege and purpose

In an important decision for employers and other data controllers, the Court of Appeal has reviewed the requirements of the Data Protection Act 1998 (DPA) governing subject access requests (SARs).

The Court had to determine how far rules of proportionality could limit a data controller's obligations to search for personal data, the extent to which legal privilege exempted documents from being included in the response to a SAR, and whether the fact that the data subject might also be seeking documents in connection with litigation allowed the data controller to refuse to comply with the SAR.

Authors

Seán Lavin Partner
Matthew Ramsey Senior Knowledge Lawyer

Authors

Seán Lavin Partner
Matthew Ramsey Senior Knowledge Lawyer

More information

Banks and alternative lenders
Private companies
Public companies
Alternative asset fund managers
Executives and business leaders
Institutional asset managers
Private clients and family offices
Private equity sponsors
Real estate investors and developers
Employment
Data Privacy and Cyber Security

Downloads

Proportionality, privilege and purpose (30.35KB)

Proportionality, privilege and purpose

This website uses cookies