FatMax Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License The Data Protection Act 1998
FatMax Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License Data Protection Act 1998 DPA 1. Reasons2. People3. Principles 4. Exemptions 4 key points you need to learn/understand/revise
FatMax Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License Reasons for the DPA 1 Computer systems contain large amounts of personal data that may be sensitive Personal privacy and rights for individuals demand good information handling practice The DPA is an attempt to address this issue Personal Privacy is a basic human right
FatMax Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License Reasons for the DPA 2 The DPA was first passed in 1984 and revised in 1998 (to bring it into line with other European Union countries) Set of regulations for storing personal data 1998 Act was extended to cover paper-based data (previously only covered automatically processed data)
FatMax Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License People The DPA refers to two types of people Data Controllers (formerly called data holders) Data Subjects The DPA is enforced by the Information Commissioner
FatMax Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License The Information Commissioner The Commissioner has responsibility for ensuring the DPA is enforced Keeps a public register of data controllers Promotes good information handling practice Advises on data protection issues and acts as an ombudsman
FatMax Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License Data Controllers/Subjects Data Controllers - Those who control the contents and use of a collection of personal data. Data controllers must register with the Information Commissioner. They must register a description of the data being processed, the purpose information will be used for, from whom it will be obtained and to whom it will be disclosed Data Subjects - The individuals to whom the data relates We are all data subjects!
FatMax Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License Eight DPA Principles Once registered users/controllers must comply with 8 data protection principles Personal Data must be: Fairly & Lawfully processed Processed for limited purposes Adequate, relevant and not excessive Accurate Not kept longer than necessary Processed in accordance with rights Secure Not transferred to other countries without protection Use your textbook to find out what these actually mean! Pages Mott and Leeming 2 nd Edition
FatMax Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License Data Subjects’ Rights Under the sixth principle data subjects have the right to see data held about them Data controllers must supply this information in 40 days They may charge a small fee for administration Data subjects have the right to Have any errors corrected Compensation for any distress if the Act has been broken Prevent processing for direct marketing or automated decision making
FatMax Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License Data Subjects’ Rights 2 Organisations do not normally need your consent to process your personal data as part of their normal work e.g. using loyalty card data to send you direct marketing You agree to this when you apply for the card However, they cannot pass on your data without your consent In practice you often grant this by failing to tick a box on application forms!
FatMax Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License Exemptions There are a number of examptions from the priciples of the Data Protection Act. Exemption exists: If the information is held to safeguard national security If the information is used to prevent crime If the information is used to collect taxes If the information is used in journalism for historical purposes Personal data about family/household affairs doesn’t need to be registered
FatMax Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License Summary/Revision Use the your textbook or the Internet to make your OWN notes on the Data Protection Act