Government proposal to exclude data protection rights for immigration data

The Data Protection Act 1998 ('DPA') came into force in 2000, with the purpose of extending the protection of personal data. It gave individuals legal rights to control information about themselves held by organisations and reinforced existing rights.  This principles enshrined in the DPA include ensuring that the data is held and processed fairly and lawfully and only for specified and lawful purposes; that it is relevant and not excessive in light of the purpose(s); that it is accurate and up to date; and that it is not held for longer than is necessary. A key right for individuals is to be allowed to see the information that is held about them. Without this, individuals cannot effectively enforce many of their other core rights under the DPA or make a claim for damages for distress resulting from breach of the DPA.

An individual can make a request for information held about them (a 'subject access request' or 'SAR') to a wide range of data controllers and data processors including public authorities and private bodies. A request can cover all personal data, and there are only a limited number of exemptions which allow a SAR not to be complied with in whole or in part. The General Data Protection Regulations ('GDPR'), due to come into force on 25 May 2018, extends the protection of personal data. In light of the growing concerns about the security and misuse of our personal data and scandals, this is to be welcomed.

However, the government is seeking to introduce a wide-ranging exemption to data protection legislation which would result in data protection rights being taken away from anyone whose details are processed for "effective immigration control". This will eat away at the fundamental principles underlying data protection in an area where the state has huge coercive powers and a documented history of being an poor data controller. It will affect anyone who has the misfortunate of coming into contact with our dysfunctional immigration system and whose data is recorded. Those affected will include unaccompanied child asylum seekers, refugees with approved asylum claims, trafficked people, spouses of British/EU nationals hoping to settle in the UK, and people who were born in Commonwealth countries and arrived in the UK as children many years ago such as Michael Braithwaite, Albert Thompson and Paulette Wilson. What is even more worrying is that the wording is so vague that the exemption could be interpreted much more broadly.

Not only will this proposal undermine migrants' right to access justice by preventing them making SARs, challenging the (mis)use and accuracy of their data and bringing DPA damages claims, it could also make the sharing of sensitive personal information with other government department or for-profit contractors easier.  Liberty are campaigning vigorously against the government's proposal.

Enforcing the rights of individuals under the DPA is part of our daily work, whether by making SARs in the course of our clients' cases to reveal data held about them or by bringing claims for breach of the DPA. If you are concerned that you have suffered as a result of a DPA breach or you need assistance enforcing your rights under the DPA, you can contact us to see if we can help.

Contact our Litigation Solicitors London

If you are a business or individual affected by a potentially serious and high-value data protection breach, contact us today on 020 3733 4479 or complete our online enquiry form to see how we can assist.


    How can we help?

    Please fill in the form and we’ll get back to you as soon as we can

    We have partnered with Law Share from JMW Solicitors LLP to refer instructions and clients to them, when we are unable to act. By answering yes to this question, you agree that we may pass your details on to Law Share in such circumstances. You are under no obligation to instruct JMW Solicitors LLP after being referred. We may receive a payment from JMW Solicitors LLP further to this referral.