• Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month
  1. 1
  2. 2
  3. 3
  4. 4
  5. 5
  6. 6
  7. 7
  8. 8
  9. 9
  10. 10
  11. 11
  12. 12
  • Level: GCSE
  • Subject: ICT
  • Word count: 3933

The Data Protection Act 1998 - questions and answers

Extracts from this document...


The Data Protection Act 1998 The Data Protection Act 1998 is a security issue. The seventh Data Protection Principle requires adequate security measures to protect personal data; while the eighth Principle prohibits the export of such data to countries outside of the EU that do not have an adequate level of data protection for data subjects (at the moment, this includes the USA). And on top of this, individual company directors can be held liable. Nevertheless, the new Data Protection Act is still little understood - so we asked Elaine McKinney, a solicitor with MacRoberts, to give us an overall picture of this new law. Why do we need a Data Protection law? Due to the explosion in use of computers concerns were expressed that information was being processed about individuals without their knowledge and without the ability to have access to that information or correct it if it was wrong. The Data Protection law attempts to maintain a balance between the rights of individuals and the ability of others to process information about them. What is the law in the UK? The Data Protection Act 1984 will soon be replaced by the Data Protection Act 1998 ('the 1998 Act'). The 1998 Act is being introduced to allow the UK to comply with its European obligations. The UK is late in introducing the new law and no firm date has yet been set for it to become law. So, is the new law in force yet? The 1998 Act is not yet in force. Until it becomes law, there is no requirement to comply with it; but remember, the provisions of the Data Protection Act 1984 still apply. Also, some public bodies which are considered 'emanations of the state' have to comply with the underlying European Directive straight away. Will the law totally change with the 1998 Act? Although there are substantial differences including the application of the law to some manual data not just computerised data, a new category of data called ...read more.


Again this term is not defined in the 1998 Act and is question of fact in each case. The Commissioner has stated that she will take into account a number of factors including how much it would cost the data controller to provide the information weighed against the benefits to the data controller of processing the information. What type of manual information is caught by the 1998 Act? Manual information which is held in a 'relevant filing system' is caught by the 1998 Act. A relevant filing system is defined as any set of information relating to individuals which, although not processed automatically, is structured, either by reference to individuals or by reference to criteria relating to individuals, in such a way that specific information relating to a particular individual is readily accessible. The critical point relating to relevant filing systems is the structure of the information within a filing system rather than the nature of the information itself. If specific information relating to a particular individual is readily accessible then the manual information will be caught. There is some confusion over what a relevant filing system actually is however the government believes that the wording covers highly structured systems including card index systems but would not include a ring binder full of information about an employee if specific information about that employee could not be readily accessed. Companies need to have a look at how they hold manual information to see whether this could fall within the definition of a relevant filing system. It should also be remembered that individuals will have the right to see manual data held in a relevant filing system by making a subject access request and companies need to think about setting up procedures to give individuals subject access to manual files. There are transitional provisions under the 1998 Act which mean that not all existing manual files will be caught by the 1998 Act from day one. ...read more.


This assumes that all EEA States will have implemented Directive 95/46 as this provision is drawn from Article 25(1). There is no objective test of adequacy given in either the Directive nor the Act; the level of adequacy has to be determined subjectively as 'one which is adequate in all the circumstances of the case having regard...' to factors similar to the other Data Protection Principles. The adequacy test applied to the recipient country or territory is likely to be the same (or higher) than that imposed by the Act. Where it appears to a Member State that a particular country does not afford an adequate level of protection and the European Commission confirms this, Member States will be required to prohibit the transfer of data to that country. Conclusion The 1998 Act, although built around the provisions of the 1984 Act, constitutes a major departure in some areas. Companies require to look at how they hold and process data and will in particular have to consider how they intend to meet the new conditions for processing of data discussed above. In addition procedures will require to be put in place to deal with subject access requests which, in time, will also apply to manual as well as computerised data. The Act's provisions regarding the prohibition of the transfer of data to countries which do not have an adequate level of protection will have a significant on companies which process or transfer data overseas or which have overseas customers or branches. Much of the Act's terms will require to be fleshed out in subordinate legislation and guidance. Further information can be obtained on the Commissioner's web site at http://www.open.gov.uk/dpr/dprhome.htm. The information contained in this guide is intended to provide a brief overview of the main provisions of the new law. It is of the nature of general comment only and neither purports nor is intended to be advice on any particular matter. Readers should not act on the basis of any of the information contained here without taking appropriate legal advice on their own particular circumstances. ...read more.

The above preview is unformatted text

This student written piece of work is one of many that can be found in our GCSE Legislation & The Legal Framework section.

Found what you're looking for?

  • Start learning 29% faster today
  • 150,000+ documents available
  • Just £6.99 a month

Not the one? Search for your essay title...
  • Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

See related essaysSee related essays

Related GCSE Legislation & The Legal Framework essays

  1. Peer reviewed

    The Data Protection Act

    4 star(s)

    This Act is highly valuable for people such as myself. How the Data Protection Act affects me The Data Protection Act helps me the most because I have a lot of personal information stored about me on the school database (i.e.

  2. Data Protection Act

    Overall the data protection act means that I can be protected at school and when I have left it is quickly deleted to keep me safe as well. The data protection act is also used to help online. I usually buy things online from websites like Amazon.

  1. Discussing legislation - Data Protection act, Copyright, Computer Misuse, Health and Safety at Work ...

    and deception or spreading malicious rumors * Pornography - any material showing illegal acts stored on computers * Identity and financial abuses - Identity theft and misuse of credit cards and even printing counterfeit money * Viruses - programming and deliberately spreading viruses Evaluation: All of these laws affect the

  2. Data Protection Act

    In the Data Protection Act 1998 it was updated legislation and gave employees the right to see the personal files. Organisations are only allowed to keep relevant information on customers for the purpose for which it was collected and not longer than is necessary.

  1. The Data Protection Act, 1998

    Rights of Data Subjects In the sixth of the eight principles shown, the rights of the data subject were mentioned. The rights of individuals have increased substantially in the 1998 Act. The individual can: * be given a copy of the data held * prevent processing of the data if

  2. 3E-The legislation that protects individuals and groups from the misuse of ICT

    Therefore this means that the law creates an impact upon the whole of the community because the Data Protection Act is enforced in all the various organisations an individual from Leyton may be linked to. The Act is in place to ensure that every single individual's personal information is

  1. Privacy and Data Protection: IT Law

    and Fundamental Freedoms 1950(ECHR)5 and Article 8 of the EU Charter of Fundamental Rights of 7 December 2000.6 Despite the fact that the "right to be let alone" is a principle of US law and the First, Third, Fourth, Fifth, Ninth, and Fourteenth Amendments contain elements of privacy rights, the

  2. Legal Aspects of Using Information Technology

    welfare at work of their employees, particularly regarding to the following: o safe entry and exist routes o safe working environment o well-maintained, safe equipment o safe storage of articles and substances o provision of protective clothing o information on safety o suitable training and supervision * prepare and continually

  • Over 160,000 pieces
    of student written work
  • Annotated by
    experienced teachers
  • Ideas and feedback to
    improve your own work