Information Commissioner issues guidance on personal data

The Information Commissioner’s Office (ICO) has published a technical guidance note to explain and illustrate the ICO’s view of what is personal data for the purposes of the Data Protection Act.

Determining what is personal data is designed to help data practitioners decide whether data falls within the definition where this is not obvious. Only data falling within the definition is subject to the rules of good information practice imposed by the Act.

Phil Jones, Assistant Commissioner at the ICO, said: “We have recognised for some time the need to provide more help to those who have to make difficult decisions on whether data is subject to the Data Protection Act. In many cases it will be obvious that data relates to, or is about, an individual. However, this is not always the case. The guidance relies heavily on examples to illustrate circumstances when data relates to an identifiable, living individual.”

The definition of personal data is important to public authorities responding to access requests made under the Freedom of Information Act. That Act provides that where an access request is made to information that is the personal data of the requester that the request is handled as a subject access under the Data Protection Act.

The Freedom of Information Act also provides that where the information requested is personal data about an individual other than the requester that the personal data should not be released if the release would involve a breach of data protection rules.

The guidance note is available on the ICO's website at

ICO issues guidance on personal data (Director of Finance online, 30 August 2007)