Report Summary
Issued 24 July 2025, this FOI response advises that the Scottish Police Authority has no jurisdiction in terms of governance of Police Scotland's compliance with GDPR. Advice is provided that GDPR legislation is regulated by the Information Commissioners Office (ICO).
To access the full document please open the PDF document above.
To view as accessible content please use the sections below. (Note that some tables and appendixes are not available as accessible content).
Request
Your request for information dated 28 June 2025 is copied below.
As set out in the Police and Fire Reform (2012) Act the role of the Scottish Police Authority is to provide governance and oversight of policing in Scotland, in this context can you answer the following questions,
Are the Scottish Police Authority responsible for holding Police Scotland to account regarding its compliance with GDPR legislation?
If not the responsibility of the SPA who is the responsible body?