Start by finding out who holds information about you, and whether it is accurate. With a few minor exceptions - for example, where it might prejudice the prevention or detection of crime - you have the legal right to view any personal information.
Any organisation that uses personal data commercially or in the public sector has to register with the Office of the Data Protection Registrar (see contacts box). It has to explain, in broad terms, whose personal data it holds, what information is kept, and the purposes for which it is used.
You are entitled to see this register and write to any organisation on it, asking for a copy of all information held about you to which the 1984 Data Protection Act applies. If in doubt, address the letter to the chief executive or company secretary. Because the organisation may have divided up its activities into separate entries on the register, you may have to pay to see several sets of information. The fee cannot be more than pounds 10 per entry and you should receive a reply within 40 days.
If any information held is wrong, the organisation must change it. The Data Protection Registrar can make sure that mistakes are corrected, and considers complaints against organisations. You can also seek compensation through the courts if your personal data is lost, destroyed or disclosed without your authorisation, or if inaccurate data is damaging.
As a short cut to finding out what other people are saying about you, contact Experian and Equifax. These are the UK's two credit-reference agencies through which banks, mortgage lenders, credit-card companies and mobile phone suppliers share information about individuals' credit ratings.
These agencies take no part in active lending decisions, but lenders assume the information they hold is correct. Your credit file holds public information including your name and address from the electoral roll, any county court judgments and records of bankruptcies. It also contains credit data including lenders' customer records and details of any house repossessions. Each time a company opens the file a "footprint" is left, so the file also tells you which lenders have done a search on you - helping you spot any fraudulent credit applications in your name.
Experian and Equifax will send you a copy of your credit file, with explanatory notes, within seven working days on receipt of a pounds 2 cheque or postal order and a letter giving your full name, address and previous addresses over the last six years. If the file is inaccurate you can get it changed - either by the agency in the case of public information, or by the company if the problem is with credit information.
"Association" is a particular problem to look out for. Lenders lump a whole household's finances together when making credit decisions, so just by sharing a home with anyone of the same surname, related or otherwise, your finances are assumed to be linked. If you can prove they are not, the credit-reference agency can create a "disassociation" that appears on your file.
It's not just financial institutions whose records can affect your finances. Your medical records are also worth checking as their contents can have a big impact on access to mortgages, loans or insurance policies. Dr Judy Gilley, deputy chairwoman of the British Medical Association's GP committee, says few people realise that lenders and insurers make very detailed searches of medical histories. "Most people tick a box giving companies consent to look at their records, without knowing what's in them themselves or what the company's looking for," she says. "Sometimes they'd be amazed what companies ask."
Health information demanded by insurers and lenders can include height and weight ratios and details of drinking and smoking habits. Some ask more subjective questions, such as "does the patient's lifestyle put him at risk of contracting HIV?". If you want to see your
medical records, write to your GP, who may request an appointment to go through the records. The standard fee is pounds 10. Under the Access to Health Records Act 1990, any sections of your medical records that refer to other people will not be shown to you. Health professionals can also refuse to show you your records if doing so could, in their judgement, damage your health. If your records are wrong, you can have them changed.
Credit and debit-card numbers may not feel like personal data, but they are. Around pounds 122m, the equivalent of pounds 1.20 per card issued, was lost to "plastic fraud" last year. More than half the fraud was committed using cards physically stolen or lost, with 13 per cent spent on cards stolen even before they arrived at the customer's address. "'Skimming" - producing a duplicate counterfeit card from someone else's details - made up 17 per cent of fraud losses in 1997. Another 8 per cent of fraud was conducted on "card not present" transactions. That is, the fraudster used someone else's number over the phone.
Protect yourself by looking after your cards and checking your statements regularly. Never leave cards in high-risk places like cars, and shop around for the most secure cards on the market. Some Royal Bank of Scotland cards include engraved photographs and signatures, as do cards from Liverpool Victoria and Saga (for older customers only). The latest Visa cards use micro-chips, making them much more difficult to forge. If you want to buy something over the internet, look out for Visa's and Mastercard's SET (secure electronic transaction) mark. Websites with the mark have met strict security criteria and use encoding and identification software.
The battle to keep control of your personal data may seem a daunting one in the digital age, but it is certainly one worth fighting. If enough people make the effort, Big Brother may not be so big after all.