Originally Posted by
KevinM2
Thanks ^
I would like the opportunity to be involved and discuss the ongoing investigation, & be privvy to the final outcome of it (that I know is currently ongoing at a BA quite senior level), but I do appreciate the Data Protection Act is there for a reason, and doesn't really have discressionary clauses to allow bypassing it, otherwise it wouldn't really be worth having, so I am not really sure how much more I will be permitted to be involved in this now.
There are a lot of myths about the DPA (including that it is only there to protect politicians and the famous). Yes there are some idiosyncracies and yes some organisations misuse it for reasons for not doing something (just like Health & Safety is used as a catch all for all sorts of issues) but its aim is to protect the individual.
It exists to protect personal information and ensure that it is only collected for valid reasons, is processsed according to rules and is stored securly etc.
BA is registered under the DPA and it allows BA to collect certain data from passengers in line with its business functions (which it has to justify when it registers) or which it is required to collect under the law. So whilst BA might like to know the name of everyones pet it cannot collect the information because it is not relavent to its business functions (unless of course it is transporting your pet!). However a pet store will be able to collect such info.
If an individual authorises another person (or organisation) to act on their behalf then the provisions of the Act are met and there should be no difficulties in you being told about the investigation etc
So as your Aunt has authorised you to access her BAEC account then that is enough to satisfy the provisions of the DPA. Ditto if she had asked a firm of solicitors to act on her behalf, BA can't say "we can't share because it breaches the DPA"