The IT Law Wiki

This wiki's URL has been migrated to the primary domain.Read more here


The IT Law Wiki


European Union[]


covers activities such as collecting information, recording and storing it, retrieving it for consultation, sending it or making it available to other people, and also blocking, erasing or destroying data.


Processing is

[t]he state that exists when information is being accessed or acted upon by one or more steps proceeding in a predetermined sequence or method.[1]


Processing is

[a] system of operations designed to convert raw data into useful information.[2]

Personal information[]

Processing is the

[o]peration or set of operations performed upon personal information that can include, but is not limited to, the collection, retention, logging, generation, transformation, use, disclosure, transfer, and disposal of personal information.[3]
any operation or set of operations that are performed on personal information or on sets of personal information, whether or not by automated means.[4]

United Kingdom[]


in relation to information or data, means obtaining, recording or holding the information or data or carrying out any operation or set of operations on the information or data, including —

(a) organisation, adaptation or alteration of the information or data,

(b) retrieval, consultation or use of the information or data,

(c) disclosure of the information or data by transmission, dissemination or otherwise making available, or

(d) alignment, combination, blocking, erasure or destruction of the information or data.[5]


  1. DCID 6/3, Glossary, App. B.
  2. FM 2-91.4, at Glossary-7.
  3. Privacy Risk Management for Federal Information Systems, at 29.
  4. Cal. Civ. Code § 1798.140(y).
  5. U.K. Data Protection Acts, 1988 and 2003.

See also[]