Interaction between Data Protection Legislation and the Freedom of Information (Scotland) Act 2002
Data Protection Legislation (DPA 2018 and the GDPR) and Freedom of Information (Scotland) Act (FOISA) are both concerned with information but they have different and at times conflicting purposes. Data Protection legislation protects individuals' rights to privacy and fair processing of their personal data, whilst FOISA provides people with rights of access to the information held by public sector bodies. Data Protection legislation and FOISA therefore operate alongside each other but their interaction could be potentially complex. This guidance note provides a comparison between the scope of the two acts, and an introduction to their interaction.
Download the Interaction between DPA and FOISA Guidance Note
Further information on the interaction between Data Protection legislation and the Freedom of Information (Scotland) Act, and with other legislation, can be found in the Data Protection Code of Practice.
For further information and guidance on the Freedom of Information (Scotland) Act, please see
Governance Services' Freedom of Information site.