E-Commerce Laws and Legislation - The Data Protection Act

Authors Avatar by nickstrife (student)

Nick Strife

Data Protection Act

The Data Protection Act was implemented to protect the privacy of living individuals who could be identified from the data, or from a combination of data held by the data controller. This also includes any opinions expressed about the individual.

When Collecting data, the data controller must ensure they tell the individual who they are, what the information is going to be used for and ensure that they do not collect more information than is necessary.

The data must be kept securely and not kept for longer than it’s needed. It must also be kept up to date and accurate. Individuals have the right to access their data at any time. Companies may charge a fee for this but they must respond within a set timeframe set out by their particular contract.

The act contains eight “Data Protection Principles”. These specify that personal data must be:

1. Processed fairly and lawfully.

2. Obtained for specified and lawful purposes.

3. Adequate, relevant and not excessive.

4. Accurate and up to date.

5. Not kept any longer than necessary.

6. Processed in accordance with the “data subject’s” (the individual’s) rights.

7. Securely kept.

8. Not transferred to any other country without adequate protection in situ.

This has an impact on businesses because they must ensure anyone involved in collecting or accessing personal data is fully aware of the laws and legislations and they must be monitored to ensure the Act is being followed. If the Data Protection Act is breached in any way the Information Commissioner’s Office has the power to issue fines of up to £500,000 to small businesses. For many start-up companies this would be devastating.

There are certain circumstances where the Data Protection Act does not apply:

A business is only holding information which pertains to the internal workings of the company. Such as payroll, advertising, marketing and other PR related activities.

Join now!

The organisation is not for profit.

The data is only processed for the purpose of personal, family or household affairs

The data is only used to maintain a public register.

No computers are used to process the data

There has been a big problem recently with the use of cookies on e-commerce websites. Cookies are used to store information entered on forms to make completing them in the future quicker for the user. However some people feel that this is a breach of their privacy because they have not given consent for this information ...

This is a preview of the whole essay

Here's what a teacher thought of this essay

A very well written piece of work. The writer has clearly done some research and consolidated their findings into succinct sections. There is a lot of information in here that the student can use to revise from and prepare for an exam. the quality of written communication is good, there are a few minor errors. It is a strong four stars. To push it to five stars the writer needs to include the scope of the acts geographically, refer to the dates that they came into being (as they have for the final one) and give some facts and figures to improve the level of detail with some examples.