• Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month
  1. 1
  2. 2
  3. 3
  4. 4
  5. 5
  6. 6
  7. 7
  8. 8
  9. 9
  10. 10
  11. 11
  12. 12
  • Level: GCSE
  • Subject: ICT
  • Word count: 3933

The Data Protection Act 1998 - questions and answers

Extracts from this document...


The Data Protection Act 1998 The Data Protection Act 1998 is a security issue. The seventh Data Protection Principle requires adequate security measures to protect personal data; while the eighth Principle prohibits the export of such data to countries outside of the EU that do not have an adequate level of data protection for data subjects (at the moment, this includes the USA). And on top of this, individual company directors can be held liable. Nevertheless, the new Data Protection Act is still little understood - so we asked Elaine McKinney, a solicitor with MacRoberts, to give us an overall picture of this new law. Why do we need a Data Protection law? Due to the explosion in use of computers concerns were expressed that information was being processed about individuals without their knowledge and without the ability to have access to that information or correct it if it was wrong. The Data Protection law attempts to maintain a balance between the rights of individuals and the ability of others to process information about them. What is the law in the UK? The Data Protection Act 1984 will soon be replaced by the Data Protection Act 1998 ('the 1998 Act'). The 1998 Act is being introduced to allow the UK to comply with its European obligations. The UK is late in introducing the new law and no firm date has yet been set for it to become law. So, is the new law in force yet? The 1998 Act is not yet in force. Until it becomes law, there is no requirement to comply with it; but remember, the provisions of the Data Protection Act 1984 still apply. Also, some public bodies which are considered 'emanations of the state' have to comply with the underlying European Directive straight away. Will the law totally change with the 1998 Act? Although there are substantial differences including the application of the law to some manual data not just computerised data, a new category of data called ...read more.


Again this term is not defined in the 1998 Act and is question of fact in each case. The Commissioner has stated that she will take into account a number of factors including how much it would cost the data controller to provide the information weighed against the benefits to the data controller of processing the information. What type of manual information is caught by the 1998 Act? Manual information which is held in a 'relevant filing system' is caught by the 1998 Act. A relevant filing system is defined as any set of information relating to individuals which, although not processed automatically, is structured, either by reference to individuals or by reference to criteria relating to individuals, in such a way that specific information relating to a particular individual is readily accessible. The critical point relating to relevant filing systems is the structure of the information within a filing system rather than the nature of the information itself. If specific information relating to a particular individual is readily accessible then the manual information will be caught. There is some confusion over what a relevant filing system actually is however the government believes that the wording covers highly structured systems including card index systems but would not include a ring binder full of information about an employee if specific information about that employee could not be readily accessed. Companies need to have a look at how they hold manual information to see whether this could fall within the definition of a relevant filing system. It should also be remembered that individuals will have the right to see manual data held in a relevant filing system by making a subject access request and companies need to think about setting up procedures to give individuals subject access to manual files. There are transitional provisions under the 1998 Act which mean that not all existing manual files will be caught by the 1998 Act from day one. ...read more.


This assumes that all EEA States will have implemented Directive 95/46 as this provision is drawn from Article 25(1). There is no objective test of adequacy given in either the Directive nor the Act; the level of adequacy has to be determined subjectively as 'one which is adequate in all the circumstances of the case having regard...' to factors similar to the other Data Protection Principles. The adequacy test applied to the recipient country or territory is likely to be the same (or higher) than that imposed by the Act. Where it appears to a Member State that a particular country does not afford an adequate level of protection and the European Commission confirms this, Member States will be required to prohibit the transfer of data to that country. Conclusion The 1998 Act, although built around the provisions of the 1984 Act, constitutes a major departure in some areas. Companies require to look at how they hold and process data and will in particular have to consider how they intend to meet the new conditions for processing of data discussed above. In addition procedures will require to be put in place to deal with subject access requests which, in time, will also apply to manual as well as computerised data. The Act's provisions regarding the prohibition of the transfer of data to countries which do not have an adequate level of protection will have a significant on companies which process or transfer data overseas or which have overseas customers or branches. Much of the Act's terms will require to be fleshed out in subordinate legislation and guidance. Further information can be obtained on the Commissioner's web site at http://www.open.gov.uk/dpr/dprhome.htm. The information contained in this guide is intended to provide a brief overview of the main provisions of the new law. It is of the nature of general comment only and neither purports nor is intended to be advice on any particular matter. Readers should not act on the basis of any of the information contained here without taking appropriate legal advice on their own particular circumstances. ...read more.

The above preview is unformatted text

This student written piece of work is one of many that can be found in our GCSE Legislation & The Legal Framework section.

Found what you're looking for?

  • Start learning 29% faster today
  • 150,000+ documents available
  • Just £6.99 a month

Not the one? Search for your essay title...
  • Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

See related essaysSee related essays

Related GCSE Legislation & The Legal Framework essays

  1. Peer reviewed

    The Data Protection Act

    4 star(s)

    How the Data Protection Act affects the community There is also lots of information held about local people in circulation within the community (i.e.

  2. Discussing legislation - Data Protection act, Copyright, Computer Misuse, Health and Safety at Work ...

    community as for example if we take hacking and someone tries to hack the account of a school or even internet cafes and libraries he will be able to destroy the computers and the law would not be able to do anything about it.

  1. The Legislation That Protects Individuals and Groups using IT. Use of It by myself ...

    Facebook can also retain data of its users and users will have no control over what information of them stays on the internet and what goes. While the Data Protection Act in this case imposes a limit, it cannot protect the whole user-base.

  2. 3E-The legislation that protects individuals and groups from the misuse of ICT

    the necessary data which needs storage by any organisation secure in some way. This is extremely important because without this specific law, the information which Maria communicates through to the organisation she is working at can be retrieved and used by anyone for a lot of diverse purposes which can cause many problems for her.

  1. Data Protection Act

    Analysis 1.0 What is Data Protection Act (1998), 8 essential principles? Data is facts of any kind, whether in number or verbal form. Although this is the correct explanation business people are inclined to use the terms to mean numerate information only.

  2. Data Protection Act

    your child and that we are sending this to the school database. This sheet would be used to find out things like medical reasons and contact numbers. The school will need to send out copies of this sheet to ensure that it is correct.

  1. You have to explain how you have looked after the equipment and ensured its ...

    * If you hold a lot of data, which would be very expensive to recreate, invest in a fire proof safe to protect against theft and fire. Copyright and Confidentiality Copyright is a kind of law. It says that if you make something, then it belongs to you.

  2. Legal Aspects of Using Information Technology

    The sixth principle states that the personal data must be processed in accordance with the rights of data subjects. Some of theses rights include the data subject's right to: * find out what data is being processed about them, in what manner and why * find out if data is

  • Over 160,000 pieces
    of student written work
  • Annotated by
    experienced teachers
  • Ideas and feedback to
    improve your own work