1-11 of 11 Results

  • Keyword: GDPR x
Clear all

Chapter

Cover Information Technology Law

23. Data protection: rights and obligations  

This chapter examines the rights of data subjects under GDPR (and UK GDPR) and the role of the state in supervising data controllers. It examines data subject rights including the subject access right and the right to correct and manage personal data. It deals with the development of the so-called right to be forgotten in the Mario Costeja González case and its application in cases such as NT1 & NT2 v Google. It examines the current supervisory regime including the role of the Information Commissioner’s Office and the enforcement rights of data subjects. Key cases, including Durant v The Financial Services Authority, Edem v IC & Financial Services Authority, Dawson-Damer v Taylor Wessing, and Ittihadieh v 5-11 Cheyne Gardens are discussed, and the chapter concludes by examining the enhanced enforcement rights awarded to the Information Commisioner’s Office by the General Data Protection Regulation in 2018.

Chapter

Cover Business Law

24. Intellectual Property and Data Protection  

The final chapter in the book examines matters relating to the intellectual property created and/or owned by a business and their responsibilities for the data they access and/or produce. Given the value of the outputs from the intellectual creativity of persons (software programs, books, music recordings etc.), this chapter outlines the rights available to protect them and the consequences for infringement. It first identifies the law surrounding creative ideas and work (copyright) before a product’s appearance (design rights) is considered. The chapter continues by assessing the protection of a brand name and image (trademarks) and finishes the substantive issues through examination of inventive ideas and works (patents). Confusion of the public through the unlawful use of an existing business’ name or product can result in the tortious liability of ‘passing-off’. Intellectual property is produced by employees and the consequences of employment status for the rights to exploit the property must be effectively managed. The chapter concludes with an assessment of developments in data protection—the GDPR, Data Protection Act, and the tactics available to businesses to avoid transgression of the law.

Chapter

Cover Information Technology Law

23. Data protection: rights and obligations  

This chapter examines the rights of data subjects under GDPR and the role of the state in supervising data controllers. It examines data subject rights, including the subject access right and the right to correct and manage personal data. It deals with the development of the so-called Right to be Forgotten and the Mario Costeja González case. It examines the current supervisory regime, including the role of the Information Commissioner’s Office and the enforcement rights of data subjects. Key cases, including Durant v The Financial Services Authority, Edem v IC & Financial Services Authority, Dawson-Damer v Taylor Wessing, and Ittihadieh v 5–11 Cheyne Gardens are discussed, and the chapter concludes by examining the enhanced enforcement rights awarded to the Information Commissioner’s Office by the General Data Protection Regulation in 2018.

Chapter

Cover Information Technology Law

3. The scope of data protection  

A number of concepts are critical to an understanding of the topic. Data protection legislation has historically applied where personal data concerning an identifiable individual is processed by a data controller using automated equipment. Developments in technology make it increasingly difficult to apply these concepts. Data that a decade ago would have been anonymous can now readily be linked to an individual. The emergence of cloud computing technology also creates legal complications in determining where processing takes place and which legal system will govern conduct. This chapter will focus on definitional issues in order to provide a basis for more detailed discussion of the application of data protection legislation in the following chapters.

Chapter

Cover Information Technology Law

5. The data protection principles  

The notion that data controllers should comply with a set of general data protection principles has been a feature of data protection statutes from the earliest days. As well as imposing obligations on controllers, the principles also confer rights – most notably relating to subject access on data subjects. This chapter will consider the scope and extent of the principles paying particular attention to the requirement that personal data be processed fairly and lawfully. A topic of more recent interest relates to the length of time for which data may be held and made available to third parties. Often referred to as involving the “right to be forgotten”, this is especially relevant to the operation of search engines which make it easy for users to find news stories what would have passed into obscurity in previous eras. The chapter considers also at the operation of the principle requiring users to adopt appropriate security measures against unauthorized access, a topic which is of particular relevance given recent and well publicised large-scale cyber-attacks.

Chapter

Cover Information Technology Law

22. Data protection: the legal framework  

This chapter examines data protection, digitization of data, its implications for personal privacy, and the regulation of data industries. It begins by discussing the current law found, post Brexit in the UK General Data Protection Regulation and the Data Protection Act 2018. It examines the key concepts of data controllers, data processors, and data subjects, and discusses the conditions for the processing of personal data. This includes an examination of key cases such as Nowak v Data Protection Commissioner, the Facebook fan page case, and Bodil Lindqvist. It looks at the geographical scope of UK GDPR and the extra-territorial effect of the Regulation and examines the domestic purposes exemption after Ryneš. It examines questions of fairness and lawfulness of processing as discussed in Johnson v Medical Defence Union.

Chapter

Cover Information Technology Law

4. Supervisory agencies  

This chapter first describes the rationale for the establishment of supervisory agencies for data protection in EU States. This marks a significant divergence in approach from other countries such as the United States and continues to constitute a barrier to harmonisation in the data protection field. Specific attention is paid to the status and role of the United Kingdom’s Information Commissioner and the investigative and enforcement powers conferred on the Commissioner. The evolving nature of the requirements of registration of data controllers is considered as is the role of the Register of Data Controllers. Attention is given also to the appeal mechanisms established under the Act and to the role of the First Tier Tribunal.

Chapter

Cover Information Technology Law

6. Individual rights and remedies  

This chapter examines the rights that are specifically conferred upon data subjects and to the remedies which may be available in the event of any breach. The GDPR and the Data Protection Act 2018 provide for data subjects to be granted rights of access, the right to receive certain items of information, and rights either total or qualified to object to certain forms of processing of their personal data.

Chapter

Cover Information Technology Law

2. The beginnings of data protection  

Data protection has, at least in western Europe, been seen as a key element of the legal response to the issue of information surveillance. Dating back to the 1970s and 1980s, many data protection laws are, as is the case in the UK, in their 3rd generation of statutes. The scope (and length) of these statutes has expanded significantly although the core data protection principles have remained essentially unaltered. In addition to developments within the EU there have been data protection initiatives within international fora such as the Council of Europe, the Organisation for Economic Cooperation and Development (OECD), the UN, and the Asia-Pacific Privacy Charter initiative. As with early UK developments where commercial pressure driven by the need to guarantee the free movement of data to and from the UK played a major role in the introduction of the first statute – the Data Protection Act 1984 – so commercial factors are once again at play with multi-national companies tending to argue that it is easier for them to comply with a global set of data protection rules – even though restrictive of their commercial freedom, than to have to comply with different rules in every country in which they do business.

Book

Cover Employment Law

Stephen Taylor and Astra Emir

Employment Law provides an introduction to the issues of employment law and regulation for those studying a variety of subjects including human resource management (HRM) and business management, as well as an easy explanation for students of law. Case exhibits in every chapter illustrate employment law in action, whilst activities test understanding of the law and its application in the real world. In addition, a dedicated, very practical chapter on preparing and presenting a case gives an opportunity to demonstrate understanding using a fictional scenario, through which a greater insight into the challenges faced before an employment tribunal can be gleamed. This fifth edition includes full coverage of the Taylor Report, the Gender Pay Gap Regulations, GDPR/Data Protection Act 2018, the Trade Union Act 2016 and the likely effect of Brexit. The text also encompasses a revision of core legal content including changes to tribunal fees and case law concerning employment status.

Chapter

Cover Employment Law

22. Privacy and confidentiality  

This chapter discusses the law on privacy and confidentiality in the workplace. It looks at the four statutes which relate directly to issues of workplace confidentiality: the GDPR/Data Protection Act 2018, the Public Interest Disclosure Act 1998 (which deals with whistleblowing), the Regulation of Investigatory Powers Act 2000, and the Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000. It also considers two other areas of law which are influences in this area: the law on job references and the law on restricting the activities of former employees. Also discussed is the impact of the Human Rights Act in this area.