Planning Practice Note:
Data Protection Act as it Applies to Planning Records
INTRODUCTION
The Data Protection Act 1998 (the Act) widened the scope of the previous legislation in accordance with an EU Directive. The Act concerns the ways in which personal data may, and may not, be processed by both computer and manual methods.
DEFINITIONS
Data means information:
- processed in an automated system or recorded for that purpose;
- recorded or intended to be recorded in a filing system;
- an 'accessible record'.
Personal data means data relating to a living individual who can be identified:
- from that data;
- from that data in combination with other information in the hands of the data controller.
Sensitive personal data means personal data about:
- racial or ethnic origin;
- political opinions;
- religious beliefs;
- trade union membership;
- physical or mental health or condition;
- sexual life;
- offences or alleged offences;
- criminal proceedings and sentences.
THE APPLICABILITY OF THE ACT TO PLANNING
The LPA's planning system is registered with the Office of the Data Protection Commissioner as required by the Act.
The Act does not overrule other legislation. It merely requires that the principles of data protection shall be applied insofar as is possible within that other legislation.
Planning is a public process whose credibility relies on clear and transparent decision-making that remains in the public domain in perpetuity. To comply with the law, and in the interests of the freedom of information, planning files are normally open for public inspection.
It is inevitable, therefore, that participants in the process (applicants and objectors) will provide data covered by the Act. The duty of the LPA is to ensure that the data is processed and stored in a way that meets the 8 data protection principles as closely as possible.
But planning is about the development and use of land and not about people as individuals. It is generally possible, therefore, to keep the amount of personal data held (and particularly sensitive personal data) to a minimum and this rarely goes beyond:
- the names and addresses of applicants, agents and other correspondents;
- data supporting their opinions of the merits of planning proposals.
THE EIGHT DATA PROTECTION PRINCIPLES
The data protection principles are fundamental to the Act. The are set out here in précis form with an explanation of the steps taken by the LPA to comply with them.
1. 'Personal data shall be processed fairly and lawfully ... '. The planning process is embodied in statute law. Because most personal data contained in the system is in the public domain, the way in which it is processed can be seen to be fair, and if not, be corrected.
2. 'Personal data shall be obtained only for ... specified lawful purpose, and shall not be further processed in any manner incompatible with that purpose ... '. The data is used only for planning purposes (including the registration of Local Land Charges, if applicable).
3. 'Personal data shall be adequate, relevant and not excessive in relation to the purpose ... for which they are processed'. Personal data required by the system is generally confined to names and addresses. Sometimes sensitive personal information (or other private information) is required to allow an adequate assessment of a proposal to be made. This is kept confidential and does not form part of the publicly accessible record. Often correspondents voice personal opinions about proposals, but these do not fall within the definition of personal data.
4. 'Personal data shall be accurate and, where necessary, kept up to date'. Personal data required to be submitted in support of planning applications is the minimum required to satisfy the law. Information submitted by applicants and other correspondents is the minimum required to identify them and anything that they wish to add in support of their point of view. Planning records may be corrected if they are inaccurate, but it is important to emphasise that data must accurately represent the position at the time the application and decision were made.
5. 'Personal data ... shall not be kept for longer than necessary ... '. Planning records must be kept in perpetuity.
6. 'Personal data shall be processed in accordance with the rights of data subjects ... '. In practice this means that the subject must:
- be aware that his personal data is being processed;
- be able to have a copy of the data;
- be able to prevent the data's use for direct marketing purposes;
- in certain circumstances, prevent the data being processed.
The first two of these requirements are fully complied with. The LPA does not use the data for marketing purposes but is unable to prevent others from doing so as the data is in the public domain.
7. ' ... measures shall be taken against ... unlawful processing of ... destruction of, or damage to personal data'. This requirement is followed.
8. 'Personal data shall not be transferred ... outside the EU ... '. The LPA has no power to meet this requirement as regards data open to public access.
PRACTICE IN SOUTH SHROPSHIRE: SUMMARY
- Personal data required and processed for planning purposes is the minimum necessary to perform the statutory planning functions of the LPA;
- Sensitive personal data is processed in a very limited range of circumstances;
- When sensitive personal data is processed, the processing is kept separate from the normal administration of the planning process and is removed from files accessible to the public;
- Other sensitive data (e.g. financial data) is treated in the same way as sensitive personal data;
- Data subjects are informed that the LPA processes personal data supplied by them;
- Data subjects may see their personal data, obtain copies, and request corrections to be made;
- Personal data that is accessible to the public may be used by others for means not connected to the planning process.
CONTACTS
The IT Services Manager has overall responsibility for the Data Protection Act Council wide.
© Copyright South Shropshire District Council,
Stone House, Corve Street,
Ludlow, Shropshire, SY8 1DG.
Tel: (01584) 813000
Fax: (01584) 813128
e-mail: planning@southshropshire.gov.uk
Page Subscriptions:
Subscription allows you to track page changes without having to re-visit the page on too frequent a basis. The system will send you an email when a page to which you have subscribed is changed.
Subscribe to changes to this page here.Author: Planning and Building Control. Last Updated: 14/2/2007.
