Page
  1. 1
    1
  2. 2
    2
  3. 3
    3
  4. 4
    4
  5. 5
    5
  6. 6
    6
  7. 7
    7
  8. 8
    8
  9. 9
    9
  10. 10
    10
  11. 11
    11
  12. 12
    12
  • Level: GCSE
  • Subject: ICT
  • Essay length: 3933 words

The Data Protection Act 1998 - questions and answers

Extracts from this essay...

Introduction

The Data Protection Act 1998 The Data Protection Act 1998 is a security issue. The seventh Data Protection Principle requires adequate security measures to protect personal data; while the eighth Principle prohibits the export of such data to countries outside of the EU that do not have an adequate level of data protection for data subjects (at the moment, this includes the USA). And on top of this, individual company directors can be held liable. Nevertheless, the new Data Protection Act is still little understood - so we asked Elaine McKinney, a solicitor with MacRoberts, to give us an overall picture of this new law. Why do we need a Data Protection law? Due to the explosion in use of computers concerns were expressed that information was being processed about individuals without their knowledge and without the ability to have access to that information or correct it if it was wrong. The Data Protection law attempts to maintain a balance between the rights of individuals and the ability of others to process information about them. What is the law in the UK? The Data Protection Act 1984 will soon be replaced by the Data Protection Act 1998 ('the 1998 Act'). The 1998 Act is being introduced to allow the UK to comply with its European obligations. The UK is late in introducing the new law and no firm date has yet been set for it to become law. So, is the new law in force yet? The 1998 Act is not yet in force. Until it becomes law, there is no requirement to comply with it; but remember, the provisions of the Data Protection Act 1984 still apply. Also, some public bodies which are considered 'emanations of the state' have to comply with the underlying European Directive straight away. Will the law totally change with the 1998 Act? Although there are substantial differences including the application of the law to some manual data not just computerised data, a new category of data called

Middle

Again this term is not defined in the 1998 Act and is question of fact in each case. The Commissioner has stated that she will take into account a number of factors including how much it would cost the data controller to provide the information weighed against the benefits to the data controller of processing the information. What type of manual information is caught by the 1998 Act? Manual information which is held in a 'relevant filing system' is caught by the 1998 Act. A relevant filing system is defined as any set of information relating to individuals which, although not processed automatically, is structured, either by reference to individuals or by reference to criteria relating to individuals, in such a way that specific information relating to a particular individual is readily accessible. The critical point relating to relevant filing systems is the structure of the information within a filing system rather than the nature of the information itself. If specific information relating to a particular individual is readily accessible then the manual information will be caught. There is some confusion over what a relevant filing system actually is however the government believes that the wording covers highly structured systems including card index systems but would not include a ring binder full of information about an employee if specific information about that employee could not be readily accessed. Companies need to have a look at how they hold manual information to see whether this could fall within the definition of a relevant filing system. It should also be remembered that individuals will have the right to see manual data held in a relevant filing system by making a subject access request and companies need to think about setting up procedures to give individuals subject access to manual files. There are transitional provisions under the 1998 Act which mean that not all existing manual files will be caught by the 1998 Act from day one.

Conclusion

This assumes that all EEA States will have implemented Directive 95/46 as this provision is drawn from Article 25(1). There is no objective test of adequacy given in either the Directive nor the Act; the level of adequacy has to be determined subjectively as 'one which is adequate in all the circumstances of the case having regard...' to factors similar to the other Data Protection Principles. The adequacy test applied to the recipient country or territory is likely to be the same (or higher) than that imposed by the Act. Where it appears to a Member State that a particular country does not afford an adequate level of protection and the European Commission confirms this, Member States will be required to prohibit the transfer of data to that country. Conclusion The 1998 Act, although built around the provisions of the 1984 Act, constitutes a major departure in some areas. Companies require to look at how they hold and process data and will in particular have to consider how they intend to meet the new conditions for processing of data discussed above. In addition procedures will require to be put in place to deal with subject access requests which, in time, will also apply to manual as well as computerised data. The Act's provisions regarding the prohibition of the transfer of data to countries which do not have an adequate level of protection will have a significant on companies which process or transfer data overseas or which have overseas customers or branches. Much of the Act's terms will require to be fleshed out in subordinate legislation and guidance. Further information can be obtained on the Commissioner's web site at http://www.open.gov.uk/dpr/dprhome.htm. The information contained in this guide is intended to provide a brief overview of the main provisions of the new law. It is of the nature of general comment only and neither purports nor is intended to be advice on any particular matter. Readers should not act on the basis of any of the information contained here without taking appropriate legal advice on their own particular circumstances.

The above preview is unformatted text

Found what you're looking for?

  • Start learning 29% faster today
  • Over 150,000 essays available
  • Just £6.99 a month

Not the one? Search for your essay title...
  • Over 180,000 student essays
  • Every subject and level covered
  • Thousands of essays marked by teachers

Related GCSE Legislation & The Legal Framework

  1. ICT - Data Protection

    A Right of Correction A data subject may force a data controller to correct any mistakes in the data held about them. A Right to Prevent Distress A data subject may prevent the use of information if it would be likely to cause them distress.

  2. Peer reviewed

    The Data Protection Act

    4 star(s)

    How the Data Protection Act affects the community There is also lots of information held about local people in circulation within the community (i.e.

  1. The following report will compare differences between internal and external information sources relevant to ...

    However, organizations must review their files regularly to check whether they still need data on specific individuals and then remove that data if not needed. Copyright As well as the organisation and the individual, the software manufactures have laws over which they are protected also.

  2. Data protection act

    3B Martin is involved with the following laws: the data protection act, the computer misuse act, the copyright designs and patents act, the health and safety at work act and the health and safety regulations act. Although all these laws are important I believe that the data protection act is

  1. Discussing legislation - Data Protection act, Copyright, Computer Misuse, Health and Safety at Work ...

    The Computer Misuse Act (1990) These acts are taken very seriously in Croydon Community as without these laws the most libraries and internet cafes would have computers which don't even work as people would misuse it by for example trying to put viruses on it or hack into the administrator account and delete the file.

  2. Data Protection Act

    Data refers to facts and figures in their raw state, which have still to be processed. If you carry out a survey to count the number of cars and vans which pass your house each day, the number you write down are the data.

  1. Privacy and Data Protection: IT Law

    aims to protect the fundamental rights and freedoms of natural persons, in particular their right to privacy, with respect to the processing of personal data. The concept of privacy as a fundamental right can also be found in Article 8 of the European Convention for the Protection of Human Rights

  2. 3E-The legislation that protects individuals and groups from the misuse of ICT

    This condition is that the data will be secured and will restrict a number of hackers from gaining access or affecting the file. The Anti-virus software shall also be used in accordance to the law and as an individual, Maria will need to comply fully with the condition stated by

  • Over 180,000 essays
    written by students
  • Annotated by
    experienced teachers
  • Ideas and feedback to write
    your own great essays

Marked by a teacher

This essay has been marked by one of our great teachers. You can read the full teachers notes when you download the essay.

Peer reviewed

This essay has been reviewed by one of our specialist student essay reviewing squad. Read the full review on the essay page.

Peer reviewed

This essay has been reviewed by one of our specialist student essay reviewing squad. Read the full review under the essay preview on this page.