• Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

The Data Protection Act

Extracts from this document...

Introduction

The Data Protection Act contains eight Data Protection Principles. These state that all data must be: - Processed fairly and lawfully - Obtained & used only for specified and lawful purposes - Adequate, relevant and not excessive - Accurate, and where necessary, kept up to date - Kept for no longer than necessary - Processed in accordance with the individuals rights (as defined) - Kept secure - Transferred only to countries that offer adequate data protection The legislation underpinning these principles is extremely complex. It is not suitable for direct devolution to all the (lay) staff/managers who may have responsibility for personal data. Nor does it, on its own, provide a measure of compliance. Hence the need for supporting products and information. Terms and definitions. PERSONAL DATA- In this Act, unless the context otherwise requires- "data" means information which- (a) is being processed by means of equipment operating automatically in response to instructions given for that purpose, (b) is recorded with the intention that it should be processed by means of such equipment, (c) is recorded as part of a relevant filing system or with the intention that it should form part of a relevant filing system, or (d) does not fall within paragraph (a), (b) or (c) but forms part of an accessible record as defined by section 68; "data controller" means, subject to subsection (4), a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed; "data processor", in relation to personal data, means any person (other than an employee of the data controller) ...read more.

Middle

DATA SUBJECT- References in this Act to the data protection principles are to the principles set out in Part I of Schedule 1. (2) Those principles are to be interpreted in accordance with Part II of Schedule 1. (3) Schedule 2 (which applies to all personal data) and Schedule 3 (which applies only to sensitive personal data) set out conditions applying for the purposes of the first principle; and Schedule 4 sets out cases in which the eighth principle does not apply. (4) Subject to section 27(1), it shall be the duty of a data controller to comply with the data protection principles in relation to all personal data with respect to which he is the data controller. DATA CONTROLLER- Except as otherwise provided by or under section 54, this Act applies to a data controller in respect of any data only if- (a) the data controller is established in the United Kingdom and the data are processed in the context of that establishment, or (b) the data controller is established neither in the United Kingdom nor in any other EEA State but uses equipment in the United Kingdom for processing the data otherwise than for the purposes of transit through the United Kingdom. (2) A data controller falling within subsection (1)(b) must nominate for the purposes of this Act a representative established in the United Kingdom. (3) For the purposes of subsections (1) and (2), each of the following is to be treated as established in the United Kingdom- (a) ...read more.

Conclusion

(2) A notification under this section must specify in accordance with notification regulations- (a) the registrable particulars, and (b) a general description of measures to be taken for the purpose of complying with the seventh data protection principle. (3) Notification regulations made by virtue of subsection (2) may provide for the determination by the Commissioner, in accordance with any requirements of the regulations, of the form in which the registrable particulars and the description mentioned in subsection (2)(b) are to be specified, including in particular the detail required for the purposes of section 16(1)(c), (d), (e) and (f) and subsection (2)(b). (4) Notification regulations may make provision as to the giving of notification- (a) by partnerships, or (b) in other cases where two or more persons are the data controllers in respect of any personal data. (5) The notification must be accompanied by such fee as may be prescribed by fees regulations. (6) Notification regulations may provide for any fee paid under subsection (5) or section 19(4) to be refunded in prescribed circumstances. Exemtions EXEMPTION FROM SECTION 22 19. Processing which was already under way immediately before 24th October 1998 is not assessable processing for the purposes of section 22. Offences Under The Act (1) If section 17(1) is contravened, the data controller is guilty of an offence. (2) Any person who fails to comply with the duty imposed by notification regulations made by virtue of section 20(1) is guilty of an offence. (3) It shall be a defence for a person charged with an offence under subsection (2) to show that he exercised all due diligence to comply with the duty. ...read more.

The above preview is unformatted text

This student written piece of work is one of many that can be found in our GCSE Legislation & The Legal Framework section.

Found what you're looking for?

  • Start learning 29% faster today
  • 150,000+ documents available
  • Just £6.99 a month

Not the one? Search for your essay title...
  • Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

See related essaysSee related essays

Related GCSE Legislation & The Legal Framework essays

  1. The Data Protection Act 1998 - questions and answers

    employees, what type of information is held, where you intend to get the information from and who you intend to disclose it to. How much does it cost? Registration under the 1984 Act costs �75 for three years. This may change under the 1998 Act as notification is likely to

  2. Legal Aspects of Using Information Technology

    A most recent regulation wants businesses to provide customers clear descriptions of the different ways, in which online transactions can be completed. If something goes wrong with the transaction, the company may loose most of its customers. More importantly, the Company website must be effective and accessible, and the means

  1. Data Protection Act

    Every computer should be aware of the Data Protection Act. Every individual on a computer should register with Data Protection Registrar. It is a criminal offence not to register and ignorance of the law is no defence. Once registered, data users must comply with the eight principles of the Data Protection Act (see below 1.1, Page 7).

  2. Critically evaluate the extent to which it can be said that copyright law gives ...

    In this situation certain qualitative features are necessary in order to gain copyright. It was in the case of George Hensher Ltd v Restawhile Upholstery (Lancs) Ltd 3 that showed judges starting to make opinions and comments on what

  1. The Legislation That Protects Individuals and Groups using IT. Use of It by myself ...

    They can be stalked, harassed and a whole range of other criminal offences. But the Data Protection Act keeps the wrong people from accessing this personal data and makes sure the school keeps it safe. I, as a student, can feel much more secure knowing the act is in place and protects the information I have given to the school.

  2. 3E-The legislation that protects individuals and groups from the misuse of ICT

    Obrien's because his personal information/data is stored by the organisation he works at, which is the Lammas secondary school and is an area where this specific law is enforced. The data protection law protects Mr. Obrien's because it ensures that his personal details is safely secured and restricted for the

  1. ICT - Data Protection

    This allows databases to be used across an organisation and be shared between organisations very quickly. Misuse of information With more and more organisations using computers to store and process personal information, there was a danger the information could be misused or could get into the wrong hands.

  2. The legislation that protects individuals and groups from the misuse of ICT

    The Act helps to protect the money that the artist, developer or company makes from the sale of the item, it takes a long time and a lot of effort to create the pieces of media so it is right that the correct person gets the credit, the copyright and patent act helps to do this.

  • Over 160,000 pieces
    of student written work
  • Annotated by
    experienced teachers
  • Ideas and feedback to
    improve your own work