Off topic: DPA question

Roland Perry lists at
Fri Jun 13 11:42:04 BST 2014

In article <aj3jp9p51vpsei2hc77didaab6l3a85qj9 at>, Marcus 
Williamson <marcus at> writes
>Is a business email address considered "personal data" under the terms of the Data
>Protection Act (DPA)?

I discussed this at some length with the Commissioner (Elizabeth France 
at the time) who was somewhat out on a limb with her view [which I 
strongly agreed with] that what I'd call "obvious" email addresses like 
roland at were personal data!

Later reports from the Article 29 Working Party confirmed this, but some 
(and especially USA-ian folks) still seem to be in denial about it 
because they are extremely reluctant to adopt a position that some/many 
email addresses are personal data and only appear to be prepared to 
accept that all/none are, with a strong presumption that if they can 
find just one that clearly isn't, then the answer is "none".

As for business email addresses, well if roland at is a sole 
trader, then of course it still is.

roland at is also personal data because I'm 
immediately identifiable from that.

Where it starts getting tricky is whether a role address like
postmaster at is personal data, and I'd say it 
still was if you can easily find other information confirming who the 
postmaster (or ceo/sales/etc...) is.
Roland Perry

More information about the ukcrypto mailing list