1-7 of 7 Results

  • Keyword: Data Protection Act 2018 x
Clear all

Chapter

Cover Information Technology Law

5. The data protection principles  

The notion that data controllers should comply with a set of general data protection principles has been a feature of data protection statutes from the earliest days. As well as imposing obligations on controllers, the principles also confer rights – most notably relating to subject access on data subjects. This chapter will consider the scope and extent of the principles paying particular attention to the requirement that personal data be processed fairly and lawfully. A topic of more recent interest relates to the length of time for which data may be held and made available to third parties. Often referred to as involving the “right to be forgotten”, this is especially relevant to the operation of search engines which make it easy for users to find news stories what would have passed into obscurity in previous eras. The chapter considers also at the operation of the principle requiring users to adopt appropriate security measures against unauthorized access, a topic which is of particular relevance given recent and well publicised large-scale cyber-attacks.

Chapter

Cover Information Technology Law

4. Supervisory agencies  

This chapter first describes the rationale for the establishment of supervisory agencies for data protection in EU States. This marks a significant divergence in approach from other countries such as the United States and continues to constitute a barrier to harmonisation in the data protection field. Specific attention is paid to the status and role of the United Kingdom’s Information Commissioner and the investigative and enforcement powers conferred on the Commissioner. The evolving nature of the requirements of registration of data controllers is considered as is the role of the Register of Data Controllers. Attention is given also to the appeal mechanisms established under the Act and to the role of the First Tier Tribunal.

Chapter

Cover Information Technology Law

3. The scope of data protection  

A number of concepts are critical to an understanding of the topic. Data protection legislation has historically applied where personal data concerning an identifiable individual is processed by a data controller using automated equipment. Developments in technology make it increasingly difficult to apply these concepts. Data that a decade ago would have been anonymous can now readily be linked to an individual. The emergence of cloud computing technology also creates legal complications in determining where processing takes place and which legal system will govern conduct. This chapter will focus on definitional issues in order to provide a basis for more detailed discussion of the application of data protection legislation in the following chapters.

Chapter

Cover Information Technology Law

6. Individual rights and remedies  

This chapter examines the rights that are specifically conferred upon data subjects and to the remedies which may be available in the event of any breach. The GDPR and the Data Protection Act 2018 provide for data subjects to be granted rights of access, the right to receive certain items of information, and rights either total or qualified to object to certain forms of processing of their personal data.

Chapter

Cover Information Technology Law

2. The beginnings of data protection  

Data protection has, at least in western Europe, been seen as a key element of the legal response to the issue of information surveillance. Dating back to the 1970s and 1980s, many data protection laws are, as is the case in the UK, in their 3rd generation of statutes. The scope (and length) of these statutes has expanded significantly although the core data protection principles have remained essentially unaltered. In addition to developments within the EU there have been data protection initiatives within international fora such as the Council of Europe, the Organisation for Economic Cooperation and Development (OECD), the UN, and the Asia-Pacific Privacy Charter initiative. As with early UK developments where commercial pressure driven by the need to guarantee the free movement of data to and from the UK played a major role in the introduction of the first statute – the Data Protection Act 1984 – so commercial factors are once again at play with multi-national companies tending to argue that it is easier for them to comply with a global set of data protection rules – even though restrictive of their commercial freedom, than to have to comply with different rules in every country in which they do business.

Chapter

Cover Business Law Concentrate

11. Intellectual property and data protection  

Each Concentrate revision guide is packed with essential information, key cases, revision tips, exam Q&As, and more. Concentrates show you what to expect in a law exam, what examiners are looking for, and how to achieve extra marks. This chapter reviews the law on intellectual property and data protection. The law of copyright is governed by the Copyright, Designs and Patents Act (CDPA) 1988 that protects original materials including literary, dramatic, musical, artistic works, and typographical arrangements. The Trade Marks Act 1994 protects the owner of any sign capable of being represented graphically and which is capable of distinguishing the goods or services of one undertaking from those of another. Registration of a patent prevents others from making, using, or selling the same product without permission. The protection lasts for five-year periods (to a maximum of 20 years). The changes introduced through the Data Protection Act 2018, the General Data Protection Regulation, the Law Enforcement Directive and the Intellectual Property (Unjustified Threats) Act 2017 are also discussed.

Chapter

Cover Employment Law

22. Privacy and confidentiality  

This chapter discusses the law on privacy and confidentiality in the workplace. It looks at the four statutes which relate directly to issues of workplace confidentiality: the GDPR/Data Protection Act 2018, the Public Interest Disclosure Act 1998 (which deals with whistleblowing), the Regulation of Investigatory Powers Act 2000, and the Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000. It also considers two other areas of law which are influences in this area: the law on job references and the law on restricting the activities of former employees. Also discussed is the impact of the Human Rights Act in this area.