In the UK, from today there is a right for you to see your information held by the society. Correct it if its wrong, and take action if its incorrect. It will also inform you of any "hidden agendas" that you may have suffered from.
In short the society are worried sick about this "sensitive data"(see the letters that have been leaked) legislation.
Lets use to it expose the society, in short this may be the next scandel to emerge. The UN/NGO is one battle - not the war, lets move on to the next one
Excerpts from the DPA 1998 - from HMSO
The 1998 Data Protection Act came into force early in 1999 and covers how information about living identifiable persons is used. It is much broader in scope than the earlier 1984 act, but does contain provision for a transitional period to comply with the new requirements.
The Data Protection Act, of course, is mandatory. ALL organisations that hold or process personal data MUST comply
Many companies are still unaware of their obligations. Businesses processing personal information may be breaking the law if they do not notify the Information Commissioner (previously known as the Data Protection Commissioner).
The policing of data protection is set to increase. And with more and more of the public becoming aware of their new legal rights, organisations should have a clean bill of health to avoid possible legal action.
The law sets rules for manual and electronic processing of personal data like names and addresses, dates of birth, and so on. Every organisation, however small, which keeps such records is responsible for the data collected, how it is used and to whom it can be given. And, unless a business qualifies for an exemption, it must notify the Commissioner, who will place the information on a public register of data controllers.
The aim of the law is to protect the individual’s privacy and regulate the use of personal data. Take a simple example. If a customer gives his or her home address for delivery, that information should only be used to make the delivery. You are not allowed to store it for any other purpose without the customer’s permission.
The new law has eight legally enforceable ‘data protection principles’. Information must be processed fairly and used for limited and declared purposes. It must be accurate, up to date and held for no longer than necessary. It must be kept secure and may not be transferred overseas unless safeguards are in place. And individuals also have the legal right to see any personal information you have stored about them. If asked, you must satisfy any request for this information within 40 days.
FAQ's
Can I collect and hold any information I want?
No. For the first time, the Act has introduced the concept of ‘sensitive data’. This includes information concerning an individual’s racial or ethnic origin, political opinions, trade union membership, health or sexual issues. Sensitive information of this nature may only be collected and held under strict conditions. In most cases, you must have the ‘explicit consent’ of the individual concerned.
Do I have to give individuals access to information I am keeping on them if they ask to see it?
Yes. You have a legal obligation to do so, but you can charge up to £10 for the service. Access must be given within 40 calendar days. The information must be provided in hard copy, unless you have the consent of the individual concerned to supply it electronically
What is the implementation timetable for the new law?
There are transitional arrangements. If you have notified the Commissioner under the 1984 Act, the first transitional period ends on 23 October 2001.