(1) The fourth data protection principle is that -
(a) personal data processed for any of the law enforcement purposes must be accurate and, where necessary, kept up to date, and
(b) every reasonable step must be taken to ensure that personal data that is inaccurate, having regard to the law enforcement purpose for which it is processed, is erased or rectified without delay.
(2) In processing personal data for any of the law enforcement purposes, personal data based on facts must, so far as possible, be distinguished from personal data based on personal assessments.
(3) In processing personal data for any of the law enforcement purposes, a clear distinction must, where relevant and as far as possible, be made between personal data relating to different categories of data subject, such as -
(a) persons suspected of having committed or being about to commit a criminal offence;
(b) persons convicted of a criminal offence;
(c) persons who are or may be victims of a criminal offence;
(d) wi
…