What is data protection?
In policy terms, data protection law aims to strike a balance between:
(a) the privacy interests of individuals, and
(b) the needs of organisations to make fair and reasonable use of information relating to those individuals in their operations.
It does not mean that researchers cannot make use of such information, or that they must always have an individual’s consent to do so, but it does impose controls and restrictions which must be complied with.
Technology has made it possible to collect and use increasing amounts of information about individuals in ever more diverse ways. The GDPR will introduce a new framework to safeguard the rights of those individuals.