Copyright and Personal Data

Copyright and Personal Data

  1. Copyright and Intellectual Property Rights
  2. Personal and Sensitive Data

Copyright and Intellectual Property Rights

Copyright refers to the legal right a data creator has to control how their work/data is used and reproduced.  For data/work to be protected by copyright law it needs to be original and tangible. The current copyright legislation in the UK is the Copyright, Designs and Patents Act 1988.

In the case of burial space research, copyright will cover photographs of memorials and textual interpretations of burial spaces amongst other data/work. It is therefore very important that you gain agreement for any activity you may wish to carry out with copyrighted data/work. This includes the deposition of data with a digital archive or the publication of copyrighted work in print or online.

You can find out more about copyright legislation by visiting the Intellectual Property Office. If depositing your data with the Archaeology Data Service (ADS), you will be asked to sign a Deposit Licence Agreement that states you have acquired all relevant copyright permissions to deposit the data with the ADS, and for the ADS to disseminate that data online for public reuse under a Creative Commons (CC BY 4.0) licence. This access licence allows anyone to re-use or republish the data deposited in any way as long as they credit the original data creators.

Personal and Sensitive Data [back to top]

The Data Protection Act 2018 has transcribed to UK law the provisions of the EU General Data Protection Regulation commonly referred to as GDPR. This remains the case following the UK’s departure from the EU. A key feature of this legislation is that personal or sensitive data relating to a living individual cannot be processed by anyone without permission from the individual referred to in that data.

Personal data are defined as any information relating to natural persons who can be identified or who are identifiable, directly from the information in question; or who can be indirectly identified from that information in combination with other information. If data are fully anonymised and an individual is no longer identifiable then the data no longer constitutes personal data.

Sensitive personal data is a specific set of “special categories” that must be treated with extra security. These include data consisting of racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, information about criminal convictions, data concerning health or data concerning a natural person's sex life or sexual orientation.

In the case of burial space recording this can mean that inscriptions that refer to potentially living individuals, such as the child of a deceased individual, can constitute personal data. Consequently, by recording the name and relationship of the potentially living individual, and adding it to a publicly accessible database such as the BSRD, you might be contravening the Data Protection Act 2018.

When depositing data with the Archaeology Data Service you will be asked to sign a Deposit Licence agreement that states you are not submitting any data that contravenes the Data Protection Act 2018 and the GDPR enshrined within it. Other archives including record offices and museums will ask for similar reassurances.

In order to ensure you are not contravening data protection laws, it is recommended that where it is difficult to identify if an individual is still alive, they should be anonymised (name not recorded) if the date of death of the deceased person is under 100 years from the date of recording.  This will mean that if a person is a day old when mentioned on the memorial, they would have to live to over 100 for you to be breaking data protection laws. This is a methodology used by the Office of National Statistics with their datasets, such as the UK Census.

Our data entry forms and spreadsheets have a field for declaring whether it is likely that a living person is mentioned on the memorial. If so, the details of the people 'mentioned' (as opposed to those 'buried' or 'commemorated'), any photographs and the inscription are all automatically embargoed for 100 years after the latest date on the memorial. For example, if the last burial was in 1952, then the relevant information is embargoed until 2052.

For more information, see the ADS Policy and Guidance on the Deposition of Personal, Confidential and Sensitive Data or visit the UK Information Commissioner's Office's Guide to the General Data Protection Regulation to find out more about how the GDPR applies in the UK, as enshrined within the Data Protection Act 2018.

Go back to the main guidance page.