I was told during a telephone call yesterday that 'I'm sorry - we can't do that because of data protection'. When that sentence is correct, I've no problem with people quite rightly pointing out the rules. Similarly, having caution as a starting point, then working out from there is normally prudent.

Having said that, it does annoy me when data protection is blamed for something that is either a policy decision or a technical difficulty because the person or organisation concerned thinks that citing the Data Protection Act is a handy way to scare people off or stop them asking questions. All that does is contribute to a perception that data protection is somehow the enemy; that thing that stops you getting what you need or makes calling your bank a pain in the neck.

Data protection isn't a pain in the neck. We all benefit from data protection requirements that prevent our personal information being used in ways that could cause us significant harm. It's also worth remembering that the Data Protection Act is facilitative. It sets out the rules under which personal data can be processed as well as specifying the circumstances in which it can't. Casting data protection as a malign influence with a knee-jerk response to a question, to avoid changing something or explaining it properly isn't helpful, accurate or productive.