DPA (data protection act)

• the data protection act is a law designed to protect people’s personal data.

👉 Personal data = any information about a person
Examples:

• Name

• Address

• Phone number

• Medical records

💡 Why do we need it?

without these laws:

• companies could misuse your data

• data could be inaccurate

• your data could be shared without your permission

• you could be harmed ( fraud, privacy invasion)

🔑 The 8 Principles

1⃣ Fairly and Lawfully Processed

Data must be used fairly and legally.

No hidden or deceptive use

2⃣ Used for Specific Purposes

Data must only be used for the reason it was collected

👉 Not reused for something else

3⃣ Adequate, Relevant, Not Excessive

Only collect what is necessary

👉 Not too much data

4⃣ Accurate and Up to Date

Data must be correct

👉 Must be updated if needed

5⃣ Not Kept Longer Than Necessary

Data should not be stored forever

👉 Delete when no longer needed

6⃣ Processed in Line with Rights

People have rights:

• Access their data

• Correct it

7⃣ Kept Secure

Data must be protected:

• Encryption

• Passwords

• Access control

8⃣ Not Transferred Without Protection

Data should not be sent to countries without adequate data protection laws

⚖ ADVANTAGES & DISADVANTAGES (IMPORTANT — YOUR REQUEST)

✅ Advantages

• Protects individuals’ privacy

• Reduces risk of data misuse and fraud

• Forces organisations to be responsible

• Builds trust between users and companies

• Ensures data is accurate and secure

❌ Disadvantages

• Expensive for companies to implement (security, training)

• Can slow down business processes

• Strict rules may limit data usage/innovation

• Difficult to enforce globally

• Small businesses may struggle to comply