Clarkslegal LLP - Solicitors in Reading and London

Legal Updates

A person`s name is personal data

28 February 2014 #Employment

An individual (data subject) has the right to access personal data about them from anyone who may hold this (data controller) and can write to the data controller to request sight of this data.  This can be done as a data subject access request or, where the request is made of a public authority, a freedom of information request. 

Personal data is defined as data which relates to a living individual who can be identified from that data or from that data and other information which is in the possession of, or is likely to come into the possession of the data controller.

In Durant v Financial Services Authority (2003) it was held that the mere mention of an individual in a document does not necessarily amount to personal data and that the information should be informative (biographical) in a significant sense and/or the individual should be the focus of the information.  However in the recent case of Edem v Information Commissioner and Financial Services Authority (2014) the Court of Appeal held that a person’s name on its own is personal data unless the name is so common that without further information that person would remain unidentifiable.

When complying with a personal data request, a data controller has the often onerous task of sifting through information to ensure that they are providing the data subject with their personal data but also that they are protecting any personal data belonging to third parties which may be interwoven with that of the data subject.   A third party’s personal data should not be disclosed without their consent (unless it is reasonable in all the circumstances to do so).  In practice, data controllers will usually either extract the data subject’s personal data from documents and put it into a separate document or redact any third party personal data from the document before supplying it.  This task would seem to be even more cumbersome now in light of the decision in Edem which has demonstrated that the narrower interpretation of personal data applied in Durham  should not be adopted and that the mere mention of a person’s name is likely to constitute their personal data.  This poses significant problems with documents such as emails which will always feature at least two names.

Clarkslegal, specialist Employment lawyers in London, Reading and throughout the Thames Valley.
For further information about this or any other Employment matter please contact Clarkslegal's employment team by email at by telephone 020 7539 8000 (London office), 0118 958 5321 (Reading office) or by completing the form on this page.
This information is for guidance purposes only and should not be regarded as a substitute for taking legal advice. Please refer to the full General Notices on our website.

Read more articles

Louise Keenan

Louise Keenan

T: 0118 960 4614
M: 0779 900 7325


Employment team
+44 (0)118 958 5321