SlideShare une entreprise Scribd logo

Notification By Data Controllers Under The Data Protection Act, 1998 (Uk)

Vishnu Kesarwani
Vishnu Kesarwani
TechnologieBusiness
1  sur  18
Télécharger pour lire hors ligne
NOTIFICATION BY DATA CONTROLLERS 1 Vishnu Kesarwani (IMS2007011) Rajendra Prasad (IMS2007012) 2nd Semester MS (Cyber Law & Information Security) IIIT-Allahabad
INTRODUCTION  The Data Protection Act, 1984 established the Data Protection Register and the system of registration maintained by the Registrar.  The Data Protection Act, 1998 introduced a new system of notification which replaced the registration scheme. Meaning:  Notification is the process by which a data controller informs the Commissioner of certain details about the processing of personal data carried out by that data controller. 2
CONTD… Purpose  Transparency or openness Interest Notification fulfils the interests of :  Data controllers  Data subjects 3
NOTIFICATION EXEMPTIONS The Act provides exemption from notification for data controllers. Exemptions are :  data controllers who only process personal data for :  staff administration  advertising, marketing and public relations (of their own business)  accounts and records  not for profit Organisations 4
CONTD….  processing personal data for personal, family or household affairs  data controllers who only process personal data for the maintenance of a public register  data controllers who do not process personal data on computer 5
STAFF ADMINISTRATION EXEMPTION The processing is for the purposes of  appointments or  removals,  pay,  discipline,  superannuation,  work management or  other personnel matters in relation to the staff of the data controller;  (b) is of personal data in respect of which the data subject is - o a past, o existing or o prospective member of staff of the data controller  (c) is of personal data consisting of the name, address and other identifiers of the data subject or information as to -  qualifications, 6 o work experience or o pay
ADVERTISING, MARKETING AND PUBLIC RELATIONS EXEMPTION  (a) is for the purposes of  advertising or  marketing the data controller's business,  activity,  goods or services  and promoting public relations in connection with that business or activity, or those goods or services;  (b) is of personal data in respect of which the data subject is - o a past, o existing or o prospective customer or supplier 7
ACCOUNTS AND RECORDS EXEMPTION The processing –  (a) is for the purposes of  keeping accounts relating to any business or  other activity carried on by the data controller, or any person as a customer or supplier, or  keeping records of purchases, sales or  (b) is of personal data in respect of which the data subject is - o a past, o existing or o prospective customer or o supplier 8
NON PROFIT-MAKING ORGANISATIONS EXEMPTIONS The processing -  (a) is carried out by a data controller which is a body or association which is not established or conducted for profit;  (b) is for the purposes of establishing or maintaining membership of or support for the body or association, or providing or administering activities for individuals who are either members of the body or association or have regular contact with it;  (c) is of personal data in respect of which the data subject is -  a past,  existing or  prospective member of the body or organisation; 9
THE REGISTRABLE PARTICULARS According to Section 16(1) the registrable particulars means:  Data Controller’s name and address,  The name and address of the representative,  A description of the personal data,  A description of the purpose or purposes,  A description of any recipient or recipients,  The names, or a description of, any countries or territories outside the European economic area, 10
Duty of the data controller Duty to notify changes  If any changes takes place regarding personal data then data controller is bound by the Act to notify the Commissioner. Duty to make certain information available  The data controller has not notified the relevant particulars in respect of that processing under section 18, the data controller must, within twenty-one days of receiving a written request from any person, make the relevant particulars available to that person in writing free of charge. 11
Function of the Commissioner  As soon as practicable after the passing of this Act, the Commissioner shall submit to the Secretary of State proposals as to the provisions to be included in the first notification regulations.  The Commissioner shall keep under review the working of notification regulations and may from time to time submit to the Secretary of State proposals as to amendments to be made to the regulations. 12
Function of the secretary of state  The Secretary of State may from time to time require the Commissioner to consider any matter relating to notification regulations and to submit to him proposals as to amendments to be made to the regulations in connection with that matter.  Before making any notification regulations, the Secretary of State shall—  (a) consider any proposals made to him by the Commissioner under subsection (1), (2) or (3), and  (b) consult the Commissioner  Power to make provision for appointment of data protection supervisors 13
Offences relating to notification It is an offence to process personal data without notification unless:-  the personal data fall within either of the national security or domestic purposes exemptions,  the personal data are exempt under the transitional exemptions,  the personal data fall within the ―relevant filing system‖/ ―accessible record‖ or public register exceptions referred to above,  the processing operation falls within the exemptions referred to in the Regulations  the processing is of a description which notification regulations provide is exempt from the requirements to notify on the ground that it is unlikely to prejudice the rights and freedoms of data 14 subjects. No such provision was included in the Regulations.
CONTD…  It will also be an offence for a person to fail to notify the Commissioner of changes to the register entry.  The Regulations provided that such notification must be given as soon as practicable and in any event within a period of 28 days from the date upon which the entry becomes inaccurate or incomplete.  Defense: due diligence 15
Nature of Offence  When Data Controller fail to comply the provision of the Act or contravene the provision then the Data Controller will be held liable.  The nature of offence will be criminal.  In all cases the Data Controller will be held strictly liable ( strict liability offence). 16
REFERENCES 1/28/2010  THE DATA PROTECTION ACT, 1998  Data Protection Act 1998: Legal Guidance; available from http://www.ico.gov.uk/upload/documents/library/data_protection/detailed _specialist_guides/data_protection_act_legal_guidance.pdf  Hamilton, Angus and Jay, Rosemary, Data Protection Act 1998 (UK: Sweet & Maxwell, 1999) 17
THANKS 18

Recommandé

GDPR - The new era of data protection
GDPR - The new era of data protectionGDPR - The new era of data protection
GDPR - The new era of data protectionInterlogica
 
LSA19: What Europe Can Teach U.S. Companies About Location and Data Privacy W...
LSA19: What Europe Can Teach U.S. Companies About Location and Data Privacy W...LSA19: What Europe Can Teach U.S. Companies About Location and Data Privacy W...
LSA19: What Europe Can Teach U.S. Companies About Location and Data Privacy W...Localogy
 
Third Principle Of The Data Protection Act, 1998 (Uk)
Third Principle Of The Data Protection Act, 1998 (Uk)Third Principle Of The Data Protection Act, 1998 (Uk)
Third Principle Of The Data Protection Act, 1998 (Uk)Vishnu Kesarwani
 
LOPD - Spanish ethical and legal issues in the context of an international IC...
LOPD - Spanish ethical and legal issues in the context of an international IC...LOPD - Spanish ethical and legal issues in the context of an international IC...
LOPD - Spanish ethical and legal issues in the context of an international IC...Natalia Monllor
 
Challenges to Achieve Privacy for Online Consumers in Mexico
Challenges to Achieve Privacy for Online Consumers in MexicoChallenges to Achieve Privacy for Online Consumers in Mexico
Challenges to Achieve Privacy for Online Consumers in MexicoJoel A. Gómez Treviño
 
Judgment of the Court_ the right to be forgotten
Judgment of the Court_ the right to be forgottenJudgment of the Court_ the right to be forgotten
Judgment of the Court_ the right to be forgottenMonica Lupașcu
 
10 Things You Need To Know About Privacy
10 Things You Need To Know About Privacy10 Things You Need To Know About Privacy
10 Things You Need To Know About PrivacyNow Dentons
 
20180305 the dayafter_bavovdh_cranium_dpo_pro
20180305 the dayafter_bavovdh_cranium_dpo_pro20180305 the dayafter_bavovdh_cranium_dpo_pro
20180305 the dayafter_bavovdh_cranium_dpo_proKoenraad FLAMANT
 

Recommandé

GDPR - The new era of data protection
GDPR - The new era of data protectionGDPR - The new era of data protection
GDPR - The new era of data protectionInterlogica
 
LSA19: What Europe Can Teach U.S. Companies About Location and Data Privacy W...
LSA19: What Europe Can Teach U.S. Companies About Location and Data Privacy W...LSA19: What Europe Can Teach U.S. Companies About Location and Data Privacy W...
LSA19: What Europe Can Teach U.S. Companies About Location and Data Privacy W...Localogy
 
Third Principle Of The Data Protection Act, 1998 (Uk)
Third Principle Of The Data Protection Act, 1998 (Uk)Third Principle Of The Data Protection Act, 1998 (Uk)
Third Principle Of The Data Protection Act, 1998 (Uk)Vishnu Kesarwani
 
LOPD - Spanish ethical and legal issues in the context of an international IC...
LOPD - Spanish ethical and legal issues in the context of an international IC...LOPD - Spanish ethical and legal issues in the context of an international IC...
LOPD - Spanish ethical and legal issues in the context of an international IC...Natalia Monllor
 
Challenges to Achieve Privacy for Online Consumers in Mexico
Challenges to Achieve Privacy for Online Consumers in MexicoChallenges to Achieve Privacy for Online Consumers in Mexico
Challenges to Achieve Privacy for Online Consumers in MexicoJoel A. Gómez Treviño
 
Judgment of the Court_ the right to be forgotten
Judgment of the Court_ the right to be forgottenJudgment of the Court_ the right to be forgotten
Judgment of the Court_ the right to be forgottenMonica Lupașcu
 
10 Things You Need To Know About Privacy
10 Things You Need To Know About Privacy10 Things You Need To Know About Privacy
10 Things You Need To Know About PrivacyNow Dentons
 
20180305 the dayafter_bavovdh_cranium_dpo_pro
20180305 the dayafter_bavovdh_cranium_dpo_pro20180305 the dayafter_bavovdh_cranium_dpo_pro
20180305 the dayafter_bavovdh_cranium_dpo_proKoenraad FLAMANT
 
Data protection compliance projects
Data protection compliance projectsData protection compliance projects
Data protection compliance projectsHatice Zümbül, LL.M.
 
Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Werksmans Attorneys
 
GDPR infographic
GDPR infographicGDPR infographic
GDPR infographicSectricity
 
The implementation of gdpr in greece (1)
The implementation of gdpr in greece (1)The implementation of gdpr in greece (1)
The implementation of gdpr in greece (1)FOTIOS ZYGOULIS
 
EFA Skillshare - Jitty van Doodewaerd
EFA Skillshare - Jitty van DoodewaerdEFA Skillshare - Jitty van Doodewaerd
EFA Skillshare - Jitty van DoodewaerdPatrick Jordens
 
Ubicomp challenges for privacy law
Ubicomp challenges for privacy lawUbicomp challenges for privacy law
Ubicomp challenges for privacy lawblogzilla
 
GDPR: The Catalyst for Customer 360
GDPR: The Catalyst for Customer 360GDPR: The Catalyst for Customer 360
GDPR: The Catalyst for Customer 360DataStax
 
General data protection regulation - European union
General data protection regulation - European unionGeneral data protection regulation - European union
General data protection regulation - European unionRohana K Amarakoon
 
Data Protection Act
Data Protection ActData Protection Act
Data Protection ActYizi
 
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)AltheimPrivacy
 
Presentation on GDPR
Presentation on GDPRPresentation on GDPR
Presentation on GDPRDipanjanDey12
 
Federal Data Protection Act (FDPA)
Federal Data Protection Act (FDPA)Federal Data Protection Act (FDPA)
Federal Data Protection Act (FDPA)AMIPCI
 
Practical steps to take in preparation for the Protection of Personal Informa...
Practical steps to take in preparation for the Protection of Personal Informa...Practical steps to take in preparation for the Protection of Personal Informa...
Practical steps to take in preparation for the Protection of Personal Informa...Werksmans Attorneys
 
20131009 aon security breach legislation
20131009 aon security breach legislation20131009 aon security breach legislation
20131009 aon security breach legislationJos Dumortier
 
Draft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal DataDraft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal DataRenato Monteiro
 
Things to know about GDPR in 2018
Things to know about GDPR in 2018Things to know about GDPR in 2018
Things to know about GDPR in 2018Webkul Software Pvt. Ltd.
 
Put your left leg in, put your left leg out: the exclusions and exemptions of...
Put your left leg in, put your left leg out: the exclusions and exemptions of...Put your left leg in, put your left leg out: the exclusions and exemptions of...
Put your left leg in, put your left leg out: the exclusions and exemptions of...Werksmans Attorneys
 
Quick guide gdpr
Quick guide gdprQuick guide gdpr
Quick guide gdprMiguel Mello
 
The General Data Protection Regulation ("GDPR")
The General Data Protection Regulation ("GDPR")The General Data Protection Regulation ("GDPR")
The General Data Protection Regulation ("GDPR")Parsons Behle & Latimer
 
Regulation (EU) 2016_679_GDPR_Overview_June 2016
Regulation (EU) 2016_679_GDPR_Overview_June 2016Regulation (EU) 2016_679_GDPR_Overview_June 2016
Regulation (EU) 2016_679_GDPR_Overview_June 2016John Greenwood
 
All_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdfAll_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdfJakeAldrinDegala1
 
Managing Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentationManaging Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentationsilvereyez11
 

Contenu connexe

Tendances

Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Werksmans Attorneys
 
GDPR infographic
GDPR infographicGDPR infographic
GDPR infographicSectricity
 
The implementation of gdpr in greece (1)
The implementation of gdpr in greece (1)The implementation of gdpr in greece (1)
The implementation of gdpr in greece (1)FOTIOS ZYGOULIS
 
EFA Skillshare - Jitty van Doodewaerd
EFA Skillshare - Jitty van DoodewaerdEFA Skillshare - Jitty van Doodewaerd
EFA Skillshare - Jitty van DoodewaerdPatrick Jordens
 
Ubicomp challenges for privacy law
Ubicomp challenges for privacy lawUbicomp challenges for privacy law
Ubicomp challenges for privacy lawblogzilla
 
GDPR: The Catalyst for Customer 360
GDPR: The Catalyst for Customer 360GDPR: The Catalyst for Customer 360
GDPR: The Catalyst for Customer 360DataStax
 
General data protection regulation - European union
General data protection regulation - European unionGeneral data protection regulation - European union
General data protection regulation - European unionRohana K Amarakoon
 
Data Protection Act
Data Protection ActData Protection Act
Data Protection ActYizi
 
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)AltheimPrivacy
 
Presentation on GDPR
Presentation on GDPRPresentation on GDPR
Presentation on GDPRDipanjanDey12
 
Federal Data Protection Act (FDPA)
Federal Data Protection Act (FDPA)Federal Data Protection Act (FDPA)
Federal Data Protection Act (FDPA)AMIPCI
 
Practical steps to take in preparation for the Protection of Personal Informa...
Practical steps to take in preparation for the Protection of Personal Informa...Practical steps to take in preparation for the Protection of Personal Informa...
Practical steps to take in preparation for the Protection of Personal Informa...Werksmans Attorneys
 
20131009 aon security breach legislation
20131009 aon security breach legislation20131009 aon security breach legislation
20131009 aon security breach legislationJos Dumortier
 
Draft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal DataDraft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal DataRenato Monteiro
 
Put your left leg in, put your left leg out: the exclusions and exemptions of...
Put your left leg in, put your left leg out: the exclusions and exemptions of...Put your left leg in, put your left leg out: the exclusions and exemptions of...
Put your left leg in, put your left leg out: the exclusions and exemptions of...Werksmans Attorneys
 
The General Data Protection Regulation ("GDPR")
The General Data Protection Regulation ("GDPR")The General Data Protection Regulation ("GDPR")
The General Data Protection Regulation ("GDPR")Parsons Behle & Latimer
 
Regulation (EU) 2016_679_GDPR_Overview_June 2016
Regulation (EU) 2016_679_GDPR_Overview_June 2016Regulation (EU) 2016_679_GDPR_Overview_June 2016
Regulation (EU) 2016_679_GDPR_Overview_June 2016John Greenwood
 

Tendances (20)

Data protection compliance projects
Data protection compliance projectsData protection compliance projects
Data protection compliance projects
 
Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...
 
GDPR infographic
GDPR infographicGDPR infographic
GDPR infographic
 
The implementation of gdpr in greece (1)
The implementation of gdpr in greece (1)The implementation of gdpr in greece (1)
The implementation of gdpr in greece (1)
 
EFA Skillshare - Jitty van Doodewaerd
EFA Skillshare - Jitty van DoodewaerdEFA Skillshare - Jitty van Doodewaerd
EFA Skillshare - Jitty van Doodewaerd
 
Ubicomp challenges for privacy law
Ubicomp challenges for privacy lawUbicomp challenges for privacy law
Ubicomp challenges for privacy law
 
GDPR: The Catalyst for Customer 360
GDPR: The Catalyst for Customer 360GDPR: The Catalyst for Customer 360
GDPR: The Catalyst for Customer 360
 
General data protection regulation - European union
General data protection regulation - European unionGeneral data protection regulation - European union
General data protection regulation - European union
 
Data Protection Act
Data Protection ActData Protection Act
Data Protection Act
 
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)
 
Presentation on GDPR
Presentation on GDPRPresentation on GDPR
Presentation on GDPR
 
Federal Data Protection Act (FDPA)
Federal Data Protection Act (FDPA)Federal Data Protection Act (FDPA)
Federal Data Protection Act (FDPA)
 
Practical steps to take in preparation for the Protection of Personal Informa...
Practical steps to take in preparation for the Protection of Personal Informa...Practical steps to take in preparation for the Protection of Personal Informa...
Practical steps to take in preparation for the Protection of Personal Informa...
 
20131009 aon security breach legislation
20131009 aon security breach legislation20131009 aon security breach legislation
20131009 aon security breach legislation
 
Draft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal DataDraft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal Data
 
Things to know about GDPR in 2018
Things to know about GDPR in 2018Things to know about GDPR in 2018
Things to know about GDPR in 2018
 
Put your left leg in, put your left leg out: the exclusions and exemptions of...
Put your left leg in, put your left leg out: the exclusions and exemptions of...Put your left leg in, put your left leg out: the exclusions and exemptions of...
Put your left leg in, put your left leg out: the exclusions and exemptions of...
 
Quick guide gdpr
Quick guide gdprQuick guide gdpr
Quick guide gdpr
 
The General Data Protection Regulation ("GDPR")
The General Data Protection Regulation ("GDPR")The General Data Protection Regulation ("GDPR")
The General Data Protection Regulation ("GDPR")
 
Regulation (EU) 2016_679_GDPR_Overview_June 2016
Regulation (EU) 2016_679_GDPR_Overview_June 2016Regulation (EU) 2016_679_GDPR_Overview_June 2016
Regulation (EU) 2016_679_GDPR_Overview_June 2016
 

Similaire à Notification By Data Controllers Under The Data Protection Act, 1998 (Uk)

All_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdfAll_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdfJakeAldrinDegala1
 
Managing Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentationManaging Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentationsilvereyez11
 
Philippine Data Privacy Act of 2012 (RA 10173)
Philippine Data Privacy Act of 2012 (RA 10173)Philippine Data Privacy Act of 2012 (RA 10173)
Philippine Data Privacy Act of 2012 (RA 10173)Kirk Go
 
Jamaica's Data Protection Act: Compliance required from the business community
Jamaica's Data Protection Act: Compliance required from the business communityJamaica's Data Protection Act: Compliance required from the business community
Jamaica's Data Protection Act: Compliance required from the business communityEmerson Bryan
 
GDPR and Analytics
GDPR and AnalyticsGDPR and Analytics
GDPR and Analyticsbrunomase
 
Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...IT Governance Ltd
 
Bahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdfBahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdfDaviesParker
 
Group 5 Banking Laws Semi Finals.pptx
Group 5 Banking Laws Semi Finals.pptxGroup 5 Banking Laws Semi Finals.pptx
Group 5 Banking Laws Semi Finals.pptxStephenQuijano3
 
PERSONAL-DATA-PROTECTION-BILL-2018.pptx
PERSONAL-DATA-PROTECTION-BILL-2018.pptxPERSONAL-DATA-PROTECTION-BILL-2018.pptx
PERSONAL-DATA-PROTECTION-BILL-2018.pptxssuser36d167
 
Data Privacy Act of 2012 implication to cooperatives
Data Privacy Act of 2012 implication to cooperativesData Privacy Act of 2012 implication to cooperatives
Data Privacy Act of 2012 implication to cooperativesjo bitonio
 
Regulatory compliance 2018
Regulatory compliance 2018Regulatory compliance 2018
Regulatory compliance 2018ProColombia
 
GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!Fintan Swanton
 
20131008 agoria big data vs data protection
20131008 agoria big data vs data protection20131008 agoria big data vs data protection
20131008 agoria big data vs data protectionJos Dumortier
 
Data protection act
Data protection act Data protection act
Data protection act Iqbal Bocus
 
Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Russell_Kennedy
 
Biometric Personal Data, Legal and Technological Utilization Issues
Biometric Personal Data, Legal and Technological Utilization IssuesBiometric Personal Data, Legal and Technological Utilization Issues
Biometric Personal Data, Legal and Technological Utilization IssuesGiannisBasa
 

Similaire à Notification By Data Controllers Under The Data Protection Act, 1998 (Uk) (20)

All_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdfAll_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdf
 
Managing Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentationManaging Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentation
 
Philippine Data Privacy Act of 2012 (RA 10173)
Philippine Data Privacy Act of 2012 (RA 10173)Philippine Data Privacy Act of 2012 (RA 10173)
Philippine Data Privacy Act of 2012 (RA 10173)
 
Jamaica's Data Protection Act: Compliance required from the business community
Jamaica's Data Protection Act: Compliance required from the business communityJamaica's Data Protection Act: Compliance required from the business community
Jamaica's Data Protection Act: Compliance required from the business community
 
GDPR and Analytics
GDPR and AnalyticsGDPR and Analytics
GDPR and Analytics
 
Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...
 
Bahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdfBahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdf
 
Group 5 Banking Laws Semi Finals.pptx
Group 5 Banking Laws Semi Finals.pptxGroup 5 Banking Laws Semi Finals.pptx
Group 5 Banking Laws Semi Finals.pptx
 
PERSONAL-DATA-PROTECTION-BILL-2018.pptx
PERSONAL-DATA-PROTECTION-BILL-2018.pptxPERSONAL-DATA-PROTECTION-BILL-2018.pptx
PERSONAL-DATA-PROTECTION-BILL-2018.pptx
 
Data Privacy Act of 2012 implication to cooperatives
Data Privacy Act of 2012 implication to cooperativesData Privacy Act of 2012 implication to cooperatives
Data Privacy Act of 2012 implication to cooperatives
 
Regulatory compliance 2018
Regulatory compliance 2018Regulatory compliance 2018
Regulatory compliance 2018
 
GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!
 
20131008 agoria big data vs data protection
20131008 agoria big data vs data protection20131008 agoria big data vs data protection
20131008 agoria big data vs data protection
 
Data protection act
Data protection act Data protection act
Data protection act
 
GDPR, Data Privacy.
GDPR, Data Privacy.GDPR, Data Privacy.
GDPR, Data Privacy.
 
Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)
 
GDPR
GDPRGDPR
GDPR
 
DPDP Act 2023.pdf
DPDP Act 2023.pdfDPDP Act 2023.pdf
DPDP Act 2023.pdf
 
GDPR for Dummies
GDPR for DummiesGDPR for Dummies
GDPR for Dummies
 
Biometric Personal Data, Legal and Technological Utilization Issues
Biometric Personal Data, Legal and Technological Utilization IssuesBiometric Personal Data, Legal and Technological Utilization Issues
Biometric Personal Data, Legal and Technological Utilization Issues
 

Dernier

Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 

Dernier (20)

Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 

Notification By Data Controllers Under The Data Protection Act, 1998 (Uk)

  • 1. NOTIFICATION BY DATA CONTROLLERS 1 Vishnu Kesarwani (IMS2007011) Rajendra Prasad (IMS2007012) 2nd Semester MS (Cyber Law & Information Security) IIIT-Allahabad
  • 2. INTRODUCTION  The Data Protection Act, 1984 established the Data Protection Register and the system of registration maintained by the Registrar.  The Data Protection Act, 1998 introduced a new system of notification which replaced the registration scheme. Meaning:  Notification is the process by which a data controller informs the Commissioner of certain details about the processing of personal data carried out by that data controller. 2
  • 3. CONTD… Purpose  Transparency or openness Interest Notification fulfils the interests of :  Data controllers  Data subjects 3
  • 4. NOTIFICATION EXEMPTIONS The Act provides exemption from notification for data controllers. Exemptions are :  data controllers who only process personal data for :  staff administration  advertising, marketing and public relations (of their own business)  accounts and records  not for profit Organisations 4
  • 5. CONTD….  processing personal data for personal, family or household affairs  data controllers who only process personal data for the maintenance of a public register  data controllers who do not process personal data on computer 5
  • 6. STAFF ADMINISTRATION EXEMPTION The processing is for the purposes of  appointments or  removals,  pay,  discipline,  superannuation,  work management or  other personnel matters in relation to the staff of the data controller;  (b) is of personal data in respect of which the data subject is - o a past, o existing or o prospective member of staff of the data controller  (c) is of personal data consisting of the name, address and other identifiers of the data subject or information as to -  qualifications, 6 o work experience or o pay
  • 7. ADVERTISING, MARKETING AND PUBLIC RELATIONS EXEMPTION  (a) is for the purposes of  advertising or  marketing the data controller's business,  activity,  goods or services  and promoting public relations in connection with that business or activity, or those goods or services;  (b) is of personal data in respect of which the data subject is - o a past, o existing or o prospective customer or supplier 7
  • 8. ACCOUNTS AND RECORDS EXEMPTION The processing –  (a) is for the purposes of  keeping accounts relating to any business or  other activity carried on by the data controller, or any person as a customer or supplier, or  keeping records of purchases, sales or  (b) is of personal data in respect of which the data subject is - o a past, o existing or o prospective customer or o supplier 8
  • 9. NON PROFIT-MAKING ORGANISATIONS EXEMPTIONS The processing -  (a) is carried out by a data controller which is a body or association which is not established or conducted for profit;  (b) is for the purposes of establishing or maintaining membership of or support for the body or association, or providing or administering activities for individuals who are either members of the body or association or have regular contact with it;  (c) is of personal data in respect of which the data subject is -  a past,  existing or  prospective member of the body or organisation; 9
  • 10. THE REGISTRABLE PARTICULARS According to Section 16(1) the registrable particulars means:  Data Controller’s name and address,  The name and address of the representative,  A description of the personal data,  A description of the purpose or purposes,  A description of any recipient or recipients,  The names, or a description of, any countries or territories outside the European economic area, 10
  • 11. Duty of the data controller Duty to notify changes  If any changes takes place regarding personal data then data controller is bound by the Act to notify the Commissioner. Duty to make certain information available  The data controller has not notified the relevant particulars in respect of that processing under section 18, the data controller must, within twenty-one days of receiving a written request from any person, make the relevant particulars available to that person in writing free of charge. 11
  • 12. Function of the Commissioner  As soon as practicable after the passing of this Act, the Commissioner shall submit to the Secretary of State proposals as to the provisions to be included in the first notification regulations.  The Commissioner shall keep under review the working of notification regulations and may from time to time submit to the Secretary of State proposals as to amendments to be made to the regulations. 12
  • 13. Function of the secretary of state  The Secretary of State may from time to time require the Commissioner to consider any matter relating to notification regulations and to submit to him proposals as to amendments to be made to the regulations in connection with that matter.  Before making any notification regulations, the Secretary of State shall—  (a) consider any proposals made to him by the Commissioner under subsection (1), (2) or (3), and  (b) consult the Commissioner  Power to make provision for appointment of data protection supervisors 13
  • 14. Offences relating to notification It is an offence to process personal data without notification unless:-  the personal data fall within either of the national security or domestic purposes exemptions,  the personal data are exempt under the transitional exemptions,  the personal data fall within the ―relevant filing system‖/ ―accessible record‖ or public register exceptions referred to above,  the processing operation falls within the exemptions referred to in the Regulations  the processing is of a description which notification regulations provide is exempt from the requirements to notify on the ground that it is unlikely to prejudice the rights and freedoms of data 14 subjects. No such provision was included in the Regulations.
  • 15. CONTD…  It will also be an offence for a person to fail to notify the Commissioner of changes to the register entry.  The Regulations provided that such notification must be given as soon as practicable and in any event within a period of 28 days from the date upon which the entry becomes inaccurate or incomplete.  Defense: due diligence 15
  • 16. Nature of Offence  When Data Controller fail to comply the provision of the Act or contravene the provision then the Data Controller will be held liable.  The nature of offence will be criminal.  In all cases the Data Controller will be held strictly liable ( strict liability offence). 16
  • 17. REFERENCES 1/28/2010  THE DATA PROTECTION ACT, 1998  Data Protection Act 1998: Legal Guidance; available from http://www.ico.gov.uk/upload/documents/library/data_protection/detailed _specialist_guides/data_protection_act_legal_guidance.pdf  Hamilton, Angus and Jay, Rosemary, Data Protection Act 1998 (UK: Sweet & Maxwell, 1999) 17
  • 18. THANKS 18