The E-Regulator: New guidance on the “regulatory activity” exemption in the Data Protection Act

4 April 2012

The Information Commissioner’s Office (ICO) has recently issued new guidance on the application of the exemption relating to regulatory activity under section 31 of the Data Protection Act 1998 (DPA) which relates to an individual’s right to make a  subject access request and an organisation’s obligation to provide a  privacy notice when collecting personal data.

The guidance warns against blanket reliance upon the exemption without careful consideration of both the function being exercised and the extent to which disclosure would prejudice that function. With reference to the uncertain reference within the section to “relevant function”, the ICO has clarified that the exemption is available to functions of a public nature exercised by a variety of watchdogs whose regulatory role is recognised by both the general public and sector which they oversee. Finally, the ICO has clarified that where a regulator receives documents from another organisation, commonly the outcome of an investigation into a complaint, it is possible for both the regulator and the organisation from whom it received the material to rely upon section 31 so that the exemption is not circumvented by an individual simply making the same request of the originating organisation. 

Given the common difficulties encountered in applying the terms of the DPA to real life situations encountered by organisations, the ICO’s guidance and the working examples provided are welcome. However, as emphasised in the guidance itself, it must be read within the context of the law itself.

Emily Carter

Share insightLinkedIn Twitter Facebook Email to a friend Print

Email this page to a friend

On August 2nd 2014 Jack Roberts commented:

Section 31 subsection 4 DPA states that only named organisations can engage this exemption 31. The ICO is not on this list but use this exemption. Would you be able to say why please. They have said when asked the same that this list does not mean they cannot apply this exemption.

We welcome views and opinions about the issues raised in this blog. Should you require specific advice in relation to personal circumstances, please use the form on the contact page.

Leave a comment

You may also be interested in:

Skip to content Home About Us Insights Services Contact Accessibility