• Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

The Data Protection Act

Extracts from this document...

Introduction

The Data Protection Act contains eight Data Protection Principles. These state that all data must be: - Processed fairly and lawfully - Obtained & used only for specified and lawful purposes - Adequate, relevant and not excessive - Accurate, and where necessary, kept up to date - Kept for no longer than necessary - Processed in accordance with the individuals rights (as defined) - Kept secure - Transferred only to countries that offer adequate data protection The legislation underpinning these principles is extremely complex. It is not suitable for direct devolution to all the (lay) staff/managers who may have responsibility for personal data. Nor does it, on its own, provide a measure of compliance. Hence the need for supporting products and information. Terms and definitions. PERSONAL DATA- In this Act, unless the context otherwise requires- "data" means information which- (a) is being processed by means of equipment operating automatically in response to instructions given for that purpose, (b) is recorded with the intention that it should be processed by means of such equipment, (c) is recorded as part of a relevant filing system or with the intention that it should form part of a relevant filing system, or (d) does not fall within paragraph (a), (b) or (c) but forms part of an accessible record as defined by section 68; "data controller" means, subject to subsection (4), a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed; "data processor", in relation to personal data, means any person (other than an employee of the data controller) ...read more.

Middle

DATA SUBJECT- References in this Act to the data protection principles are to the principles set out in Part I of Schedule 1. (2) Those principles are to be interpreted in accordance with Part II of Schedule 1. (3) Schedule 2 (which applies to all personal data) and Schedule 3 (which applies only to sensitive personal data) set out conditions applying for the purposes of the first principle; and Schedule 4 sets out cases in which the eighth principle does not apply. (4) Subject to section 27(1), it shall be the duty of a data controller to comply with the data protection principles in relation to all personal data with respect to which he is the data controller. DATA CONTROLLER- Except as otherwise provided by or under section 54, this Act applies to a data controller in respect of any data only if- (a) the data controller is established in the United Kingdom and the data are processed in the context of that establishment, or (b) the data controller is established neither in the United Kingdom nor in any other EEA State but uses equipment in the United Kingdom for processing the data otherwise than for the purposes of transit through the United Kingdom. (2) A data controller falling within subsection (1)(b) must nominate for the purposes of this Act a representative established in the United Kingdom. (3) For the purposes of subsections (1) and (2), each of the following is to be treated as established in the United Kingdom- (a) ...read more.

Conclusion

(2) A notification under this section must specify in accordance with notification regulations- (a) the registrable particulars, and (b) a general description of measures to be taken for the purpose of complying with the seventh data protection principle. (3) Notification regulations made by virtue of subsection (2) may provide for the determination by the Commissioner, in accordance with any requirements of the regulations, of the form in which the registrable particulars and the description mentioned in subsection (2)(b) are to be specified, including in particular the detail required for the purposes of section 16(1)(c), (d), (e) and (f) and subsection (2)(b). (4) Notification regulations may make provision as to the giving of notification- (a) by partnerships, or (b) in other cases where two or more persons are the data controllers in respect of any personal data. (5) The notification must be accompanied by such fee as may be prescribed by fees regulations. (6) Notification regulations may provide for any fee paid under subsection (5) or section 19(4) to be refunded in prescribed circumstances. Exemtions EXEMPTION FROM SECTION 22 19. Processing which was already under way immediately before 24th October 1998 is not assessable processing for the purposes of section 22. Offences Under The Act (1) If section 17(1) is contravened, the data controller is guilty of an offence. (2) Any person who fails to comply with the duty imposed by notification regulations made by virtue of section 20(1) is guilty of an offence. (3) It shall be a defence for a person charged with an offence under subsection (2) to show that he exercised all due diligence to comply with the duty. ...read more.

The above preview is unformatted text

This student written piece of work is one of many that can be found in our GCSE Legislation & The Legal Framework section.

Found what you're looking for?

  • Start learning 29% faster today
  • 150,000+ documents available
  • Just £6.99 a month

Not the one? Search for your essay title...
  • Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

See related essaysSee related essays

Related GCSE Legislation & The Legal Framework essays

  1. The Data Protection Act 1998 - questions and answers

    employees, what type of information is held, where you intend to get the information from and who you intend to disclose it to. How much does it cost? Registration under the 1984 Act costs �75 for three years. This may change under the 1998 Act as notification is likely to

  2. Legal Aspects of Using Information Technology

    IT Policy 2. IT Network Policy 3. IT Information Security Policy 4. Internet Policy IT Policy The IT Policy states that IKEA uses the information technology to support the business operations with appropriate and cost-effective solutions, to help the business operations to achieve increased customer benefits and to maximise business opportunities.

  1. Data Protection Act

    The Data Protection Act, organisations which hold such information have to register with Data Protection and have to agree to levels of accuracy and security. Exceptions to the registration rules include data used in payroll programs, mailing lists, in accounting programs or other records of purchase and sales and in word processing documents.

  2. Critically evaluate the extent to which it can be said that copyright law gives ...

    Unless of course an opinion poll was completed, in which case it would be incredibly time consuming and not particularly cost-efficient. The courts also have to consider the intention of the artist or maker before considering any kind of copyright protection, especially when considering whether the item constitutes a piece of 'artistic craftsmanship'.

  1. The Legislation That Protects Individuals and Groups using IT. Use of It by myself ...

    But if the Data Protection Act is broken, then my safety is put into compromise. But this gives me the right to hold charges against the school for breaking the act and breaching my rights. It further gives an incentive to the school to keep my data personal and safe.

  2. 3E-The legislation that protects individuals and groups from the misuse of ICT

    Overall, the advantages outweigh the disadvantages because the law keeps the necessary data which needs storage by any organisation secure in some way. This is extremely important because without this specific law, the information which I pass through to organisations can be accessed and used by anyone for many different purposes which can cause many problems for me.

  1. ICT - Data Protection

    This allows databases to be used across an organisation and be shared between organisations very quickly. Misuse of information With more and more organisations using computers to store and process personal information, there was a danger the information could be misused or could get into the wrong hands.

  2. The legislation that protects individuals and groups from the misuse of ICT

    This particular piece of legislation covers and protects the rights of individuals or groups who produce new material, this means that before somebody else's materials can be used, prior permission must be obtained, in some instances the rights of the material may be given up by making it freely available to the public.

  • Over 160,000 pieces
    of student written work
  • Annotated by
    experienced teachers
  • Ideas and feedback to
    improve your own work