SlideShare ist ein Scribd-Unternehmen logo

Notification By Data Controllers Under The Data Protection Act, 1998 (Uk)

Vishnu Kesarwani
Vishnu Kesarwani
TechnologieBusiness
1 von 18
Downloaden Sie, um offline zu lesen
NOTIFICATION BY DATA CONTROLLERS 1 Vishnu Kesarwani (IMS2007011) Rajendra Prasad (IMS2007012) 2nd Semester MS (Cyber Law & Information Security) IIIT-Allahabad
INTRODUCTION  The Data Protection Act, 1984 established the Data Protection Register and the system of registration maintained by the Registrar.  The Data Protection Act, 1998 introduced a new system of notification which replaced the registration scheme. Meaning:  Notification is the process by which a data controller informs the Commissioner of certain details about the processing of personal data carried out by that data controller. 2
CONTD… Purpose  Transparency or openness Interest Notification fulfils the interests of :  Data controllers  Data subjects 3
NOTIFICATION EXEMPTIONS The Act provides exemption from notification for data controllers. Exemptions are :  data controllers who only process personal data for :  staff administration  advertising, marketing and public relations (of their own business)  accounts and records  not for profit Organisations 4
CONTD….  processing personal data for personal, family or household affairs  data controllers who only process personal data for the maintenance of a public register  data controllers who do not process personal data on computer 5
STAFF ADMINISTRATION EXEMPTION The processing is for the purposes of  appointments or  removals,  pay,  discipline,  superannuation,  work management or  other personnel matters in relation to the staff of the data controller;  (b) is of personal data in respect of which the data subject is - o a past, o existing or o prospective member of staff of the data controller  (c) is of personal data consisting of the name, address and other identifiers of the data subject or information as to -  qualifications, 6 o work experience or o pay
ADVERTISING, MARKETING AND PUBLIC RELATIONS EXEMPTION  (a) is for the purposes of  advertising or  marketing the data controller's business,  activity,  goods or services  and promoting public relations in connection with that business or activity, or those goods or services;  (b) is of personal data in respect of which the data subject is - o a past, o existing or o prospective customer or supplier 7
ACCOUNTS AND RECORDS EXEMPTION The processing –  (a) is for the purposes of  keeping accounts relating to any business or  other activity carried on by the data controller, or any person as a customer or supplier, or  keeping records of purchases, sales or  (b) is of personal data in respect of which the data subject is - o a past, o existing or o prospective customer or o supplier 8
NON PROFIT-MAKING ORGANISATIONS EXEMPTIONS The processing -  (a) is carried out by a data controller which is a body or association which is not established or conducted for profit;  (b) is for the purposes of establishing or maintaining membership of or support for the body or association, or providing or administering activities for individuals who are either members of the body or association or have regular contact with it;  (c) is of personal data in respect of which the data subject is -  a past,  existing or  prospective member of the body or organisation; 9
THE REGISTRABLE PARTICULARS According to Section 16(1) the registrable particulars means:  Data Controller’s name and address,  The name and address of the representative,  A description of the personal data,  A description of the purpose or purposes,  A description of any recipient or recipients,  The names, or a description of, any countries or territories outside the European economic area, 10
Duty of the data controller Duty to notify changes  If any changes takes place regarding personal data then data controller is bound by the Act to notify the Commissioner. Duty to make certain information available  The data controller has not notified the relevant particulars in respect of that processing under section 18, the data controller must, within twenty-one days of receiving a written request from any person, make the relevant particulars available to that person in writing free of charge. 11
Function of the Commissioner  As soon as practicable after the passing of this Act, the Commissioner shall submit to the Secretary of State proposals as to the provisions to be included in the first notification regulations.  The Commissioner shall keep under review the working of notification regulations and may from time to time submit to the Secretary of State proposals as to amendments to be made to the regulations. 12
Function of the secretary of state  The Secretary of State may from time to time require the Commissioner to consider any matter relating to notification regulations and to submit to him proposals as to amendments to be made to the regulations in connection with that matter.  Before making any notification regulations, the Secretary of State shall—  (a) consider any proposals made to him by the Commissioner under subsection (1), (2) or (3), and  (b) consult the Commissioner  Power to make provision for appointment of data protection supervisors 13
Offences relating to notification It is an offence to process personal data without notification unless:-  the personal data fall within either of the national security or domestic purposes exemptions,  the personal data are exempt under the transitional exemptions,  the personal data fall within the ―relevant filing system‖/ ―accessible record‖ or public register exceptions referred to above,  the processing operation falls within the exemptions referred to in the Regulations  the processing is of a description which notification regulations provide is exempt from the requirements to notify on the ground that it is unlikely to prejudice the rights and freedoms of data 14 subjects. No such provision was included in the Regulations.
CONTD…  It will also be an offence for a person to fail to notify the Commissioner of changes to the register entry.  The Regulations provided that such notification must be given as soon as practicable and in any event within a period of 28 days from the date upon which the entry becomes inaccurate or incomplete.  Defense: due diligence 15
Nature of Offence  When Data Controller fail to comply the provision of the Act or contravene the provision then the Data Controller will be held liable.  The nature of offence will be criminal.  In all cases the Data Controller will be held strictly liable ( strict liability offence). 16
REFERENCES 1/28/2010  THE DATA PROTECTION ACT, 1998  Data Protection Act 1998: Legal Guidance; available from http://www.ico.gov.uk/upload/documents/library/data_protection/detailed _specialist_guides/data_protection_act_legal_guidance.pdf  Hamilton, Angus and Jay, Rosemary, Data Protection Act 1998 (UK: Sweet & Maxwell, 1999) 17
THANKS 18

Empfohlen

GDPR - The new era of data protection
GDPR - The new era of data protectionGDPR - The new era of data protection
GDPR - The new era of data protectionInterlogica
 
LSA19: What Europe Can Teach U.S. Companies About Location and Data Privacy W...
LSA19: What Europe Can Teach U.S. Companies About Location and Data Privacy W...LSA19: What Europe Can Teach U.S. Companies About Location and Data Privacy W...
LSA19: What Europe Can Teach U.S. Companies About Location and Data Privacy W...Localogy
 
Third Principle Of The Data Protection Act, 1998 (Uk)
Third Principle Of The Data Protection Act, 1998 (Uk)Third Principle Of The Data Protection Act, 1998 (Uk)
Third Principle Of The Data Protection Act, 1998 (Uk)Vishnu Kesarwani
 
LOPD - Spanish ethical and legal issues in the context of an international IC...
LOPD - Spanish ethical and legal issues in the context of an international IC...LOPD - Spanish ethical and legal issues in the context of an international IC...
LOPD - Spanish ethical and legal issues in the context of an international IC...Natalia Monllor
 
Challenges to Achieve Privacy for Online Consumers in Mexico
Challenges to Achieve Privacy for Online Consumers in MexicoChallenges to Achieve Privacy for Online Consumers in Mexico
Challenges to Achieve Privacy for Online Consumers in MexicoJoel A. Gómez Treviño
 
Judgment of the Court_ the right to be forgotten
Judgment of the Court_ the right to be forgottenJudgment of the Court_ the right to be forgotten
Judgment of the Court_ the right to be forgottenMonica Lupașcu
 
10 Things You Need To Know About Privacy
10 Things You Need To Know About Privacy10 Things You Need To Know About Privacy
10 Things You Need To Know About PrivacyNow Dentons
 
20180305 the dayafter_bavovdh_cranium_dpo_pro
20180305 the dayafter_bavovdh_cranium_dpo_pro20180305 the dayafter_bavovdh_cranium_dpo_pro
20180305 the dayafter_bavovdh_cranium_dpo_proKoenraad FLAMANT
 

Empfohlen

GDPR - The new era of data protection
GDPR - The new era of data protectionGDPR - The new era of data protection
GDPR - The new era of data protectionInterlogica
 
LSA19: What Europe Can Teach U.S. Companies About Location and Data Privacy W...
LSA19: What Europe Can Teach U.S. Companies About Location and Data Privacy W...LSA19: What Europe Can Teach U.S. Companies About Location and Data Privacy W...
LSA19: What Europe Can Teach U.S. Companies About Location and Data Privacy W...Localogy
 
Third Principle Of The Data Protection Act, 1998 (Uk)
Third Principle Of The Data Protection Act, 1998 (Uk)Third Principle Of The Data Protection Act, 1998 (Uk)
Third Principle Of The Data Protection Act, 1998 (Uk)Vishnu Kesarwani
 
LOPD - Spanish ethical and legal issues in the context of an international IC...
LOPD - Spanish ethical and legal issues in the context of an international IC...LOPD - Spanish ethical and legal issues in the context of an international IC...
LOPD - Spanish ethical and legal issues in the context of an international IC...Natalia Monllor
 
Challenges to Achieve Privacy for Online Consumers in Mexico
Challenges to Achieve Privacy for Online Consumers in MexicoChallenges to Achieve Privacy for Online Consumers in Mexico
Challenges to Achieve Privacy for Online Consumers in MexicoJoel A. Gómez Treviño
 
Judgment of the Court_ the right to be forgotten
Judgment of the Court_ the right to be forgottenJudgment of the Court_ the right to be forgotten
Judgment of the Court_ the right to be forgottenMonica Lupașcu
 
10 Things You Need To Know About Privacy
10 Things You Need To Know About Privacy10 Things You Need To Know About Privacy
10 Things You Need To Know About PrivacyNow Dentons
 
20180305 the dayafter_bavovdh_cranium_dpo_pro
20180305 the dayafter_bavovdh_cranium_dpo_pro20180305 the dayafter_bavovdh_cranium_dpo_pro
20180305 the dayafter_bavovdh_cranium_dpo_proKoenraad FLAMANT
 
Data protection compliance projects
Data protection compliance projectsData protection compliance projects
Data protection compliance projectsHatice Zümbül, LL.M.
 
Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Werksmans Attorneys
 
GDPR infographic
GDPR infographicGDPR infographic
GDPR infographicSectricity
 
The implementation of gdpr in greece (1)
The implementation of gdpr in greece (1)The implementation of gdpr in greece (1)
The implementation of gdpr in greece (1)FOTIOS ZYGOULIS
 
EFA Skillshare - Jitty van Doodewaerd
EFA Skillshare - Jitty van DoodewaerdEFA Skillshare - Jitty van Doodewaerd
EFA Skillshare - Jitty van DoodewaerdPatrick Jordens
 
Ubicomp challenges for privacy law
Ubicomp challenges for privacy lawUbicomp challenges for privacy law
Ubicomp challenges for privacy lawblogzilla
 
GDPR: The Catalyst for Customer 360
GDPR: The Catalyst for Customer 360GDPR: The Catalyst for Customer 360
GDPR: The Catalyst for Customer 360DataStax
 
General data protection regulation - European union
General data protection regulation - European unionGeneral data protection regulation - European union
General data protection regulation - European unionRohana K Amarakoon
 
Data Protection Act
Data Protection ActData Protection Act
Data Protection ActYizi
 
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)AltheimPrivacy
 
Presentation on GDPR
Presentation on GDPRPresentation on GDPR
Presentation on GDPRDipanjanDey12
 
Federal Data Protection Act (FDPA)
Federal Data Protection Act (FDPA)Federal Data Protection Act (FDPA)
Federal Data Protection Act (FDPA)AMIPCI
 
Practical steps to take in preparation for the Protection of Personal Informa...
Practical steps to take in preparation for the Protection of Personal Informa...Practical steps to take in preparation for the Protection of Personal Informa...
Practical steps to take in preparation for the Protection of Personal Informa...Werksmans Attorneys
 
20131009 aon security breach legislation
20131009 aon security breach legislation20131009 aon security breach legislation
20131009 aon security breach legislationJos Dumortier
 
Draft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal DataDraft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal DataRenato Monteiro
 
Things to know about GDPR in 2018
Things to know about GDPR in 2018Things to know about GDPR in 2018
Things to know about GDPR in 2018Webkul Software Pvt. Ltd.
 
Put your left leg in, put your left leg out: the exclusions and exemptions of...
Put your left leg in, put your left leg out: the exclusions and exemptions of...Put your left leg in, put your left leg out: the exclusions and exemptions of...
Put your left leg in, put your left leg out: the exclusions and exemptions of...Werksmans Attorneys
 
Quick guide gdpr
Quick guide gdprQuick guide gdpr
Quick guide gdprMiguel Mello
 
The General Data Protection Regulation ("GDPR")
The General Data Protection Regulation ("GDPR")The General Data Protection Regulation ("GDPR")
The General Data Protection Regulation ("GDPR")Parsons Behle & Latimer
 
Regulation (EU) 2016_679_GDPR_Overview_June 2016
Regulation (EU) 2016_679_GDPR_Overview_June 2016Regulation (EU) 2016_679_GDPR_Overview_June 2016
Regulation (EU) 2016_679_GDPR_Overview_June 2016John Greenwood
 
All_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdfAll_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdfJakeAldrinDegala1
 
Managing Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentationManaging Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentationsilvereyez11
 

Weitere ähnliche Inhalte

Was ist angesagt?

Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Werksmans Attorneys
 
GDPR infographic
GDPR infographicGDPR infographic
GDPR infographicSectricity
 
The implementation of gdpr in greece (1)
The implementation of gdpr in greece (1)The implementation of gdpr in greece (1)
The implementation of gdpr in greece (1)FOTIOS ZYGOULIS
 
EFA Skillshare - Jitty van Doodewaerd
EFA Skillshare - Jitty van DoodewaerdEFA Skillshare - Jitty van Doodewaerd
EFA Skillshare - Jitty van DoodewaerdPatrick Jordens
 
Ubicomp challenges for privacy law
Ubicomp challenges for privacy lawUbicomp challenges for privacy law
Ubicomp challenges for privacy lawblogzilla
 
GDPR: The Catalyst for Customer 360
GDPR: The Catalyst for Customer 360GDPR: The Catalyst for Customer 360
GDPR: The Catalyst for Customer 360DataStax
 
General data protection regulation - European union
General data protection regulation - European unionGeneral data protection regulation - European union
General data protection regulation - European unionRohana K Amarakoon
 
Data Protection Act
Data Protection ActData Protection Act
Data Protection ActYizi
 
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)AltheimPrivacy
 
Presentation on GDPR
Presentation on GDPRPresentation on GDPR
Presentation on GDPRDipanjanDey12
 
Federal Data Protection Act (FDPA)
Federal Data Protection Act (FDPA)Federal Data Protection Act (FDPA)
Federal Data Protection Act (FDPA)AMIPCI
 
Practical steps to take in preparation for the Protection of Personal Informa...
Practical steps to take in preparation for the Protection of Personal Informa...Practical steps to take in preparation for the Protection of Personal Informa...
Practical steps to take in preparation for the Protection of Personal Informa...Werksmans Attorneys
 
20131009 aon security breach legislation
20131009 aon security breach legislation20131009 aon security breach legislation
20131009 aon security breach legislationJos Dumortier
 
Draft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal DataDraft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal DataRenato Monteiro
 
Put your left leg in, put your left leg out: the exclusions and exemptions of...
Put your left leg in, put your left leg out: the exclusions and exemptions of...Put your left leg in, put your left leg out: the exclusions and exemptions of...
Put your left leg in, put your left leg out: the exclusions and exemptions of...Werksmans Attorneys
 
The General Data Protection Regulation ("GDPR")
The General Data Protection Regulation ("GDPR")The General Data Protection Regulation ("GDPR")
The General Data Protection Regulation ("GDPR")Parsons Behle & Latimer
 
Regulation (EU) 2016_679_GDPR_Overview_June 2016
Regulation (EU) 2016_679_GDPR_Overview_June 2016Regulation (EU) 2016_679_GDPR_Overview_June 2016
Regulation (EU) 2016_679_GDPR_Overview_June 2016John Greenwood
 

Was ist angesagt? (20)

Data protection compliance projects
Data protection compliance projectsData protection compliance projects
Data protection compliance projects
 
Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...
 
GDPR infographic
GDPR infographicGDPR infographic
GDPR infographic
 
The implementation of gdpr in greece (1)
The implementation of gdpr in greece (1)The implementation of gdpr in greece (1)
The implementation of gdpr in greece (1)
 
EFA Skillshare - Jitty van Doodewaerd
EFA Skillshare - Jitty van DoodewaerdEFA Skillshare - Jitty van Doodewaerd
EFA Skillshare - Jitty van Doodewaerd
 
Ubicomp challenges for privacy law
Ubicomp challenges for privacy lawUbicomp challenges for privacy law
Ubicomp challenges for privacy law
 
GDPR: The Catalyst for Customer 360
GDPR: The Catalyst for Customer 360GDPR: The Catalyst for Customer 360
GDPR: The Catalyst for Customer 360
 
General data protection regulation - European union
General data protection regulation - European unionGeneral data protection regulation - European union
General data protection regulation - European union
 
Data Protection Act
Data Protection ActData Protection Act
Data Protection Act
 
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)
 
Presentation on GDPR
Presentation on GDPRPresentation on GDPR
Presentation on GDPR
 
Federal Data Protection Act (FDPA)
Federal Data Protection Act (FDPA)Federal Data Protection Act (FDPA)
Federal Data Protection Act (FDPA)
 
Practical steps to take in preparation for the Protection of Personal Informa...
Practical steps to take in preparation for the Protection of Personal Informa...Practical steps to take in preparation for the Protection of Personal Informa...
Practical steps to take in preparation for the Protection of Personal Informa...
 
20131009 aon security breach legislation
20131009 aon security breach legislation20131009 aon security breach legislation
20131009 aon security breach legislation
 
Draft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal DataDraft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal Data
 
Things to know about GDPR in 2018
Things to know about GDPR in 2018Things to know about GDPR in 2018
Things to know about GDPR in 2018
 
Put your left leg in, put your left leg out: the exclusions and exemptions of...
Put your left leg in, put your left leg out: the exclusions and exemptions of...Put your left leg in, put your left leg out: the exclusions and exemptions of...
Put your left leg in, put your left leg out: the exclusions and exemptions of...
 
Quick guide gdpr
Quick guide gdprQuick guide gdpr
Quick guide gdpr
 
The General Data Protection Regulation ("GDPR")
The General Data Protection Regulation ("GDPR")The General Data Protection Regulation ("GDPR")
The General Data Protection Regulation ("GDPR")
 
Regulation (EU) 2016_679_GDPR_Overview_June 2016
Regulation (EU) 2016_679_GDPR_Overview_June 2016Regulation (EU) 2016_679_GDPR_Overview_June 2016
Regulation (EU) 2016_679_GDPR_Overview_June 2016
 

Ähnlich wie Notification By Data Controllers Under The Data Protection Act, 1998 (Uk)

All_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdfAll_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdfJakeAldrinDegala1
 
Managing Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentationManaging Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentationsilvereyez11
 
Philippine Data Privacy Act of 2012 (RA 10173)
Philippine Data Privacy Act of 2012 (RA 10173)Philippine Data Privacy Act of 2012 (RA 10173)
Philippine Data Privacy Act of 2012 (RA 10173)Kirk Go
 
Jamaica's Data Protection Act: Compliance required from the business community
Jamaica's Data Protection Act: Compliance required from the business communityJamaica's Data Protection Act: Compliance required from the business community
Jamaica's Data Protection Act: Compliance required from the business communityEmerson Bryan
 
GDPR and Analytics
GDPR and AnalyticsGDPR and Analytics
GDPR and Analyticsbrunomase
 
Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...IT Governance Ltd
 
Bahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdfBahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdfDaviesParker
 
Group 5 Banking Laws Semi Finals.pptx
Group 5 Banking Laws Semi Finals.pptxGroup 5 Banking Laws Semi Finals.pptx
Group 5 Banking Laws Semi Finals.pptxStephenQuijano3
 
PERSONAL-DATA-PROTECTION-BILL-2018.pptx
PERSONAL-DATA-PROTECTION-BILL-2018.pptxPERSONAL-DATA-PROTECTION-BILL-2018.pptx
PERSONAL-DATA-PROTECTION-BILL-2018.pptxssuser36d167
 
Data Privacy Act of 2012 implication to cooperatives
Data Privacy Act of 2012 implication to cooperativesData Privacy Act of 2012 implication to cooperatives
Data Privacy Act of 2012 implication to cooperativesjo bitonio
 
Regulatory compliance 2018
Regulatory compliance 2018Regulatory compliance 2018
Regulatory compliance 2018ProColombia
 
GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!Fintan Swanton
 
20131008 agoria big data vs data protection
20131008 agoria big data vs data protection20131008 agoria big data vs data protection
20131008 agoria big data vs data protectionJos Dumortier
 
Data protection act
Data protection act Data protection act
Data protection act Iqbal Bocus
 
Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Russell_Kennedy
 
Biometric Personal Data, Legal and Technological Utilization Issues
Biometric Personal Data, Legal and Technological Utilization IssuesBiometric Personal Data, Legal and Technological Utilization Issues
Biometric Personal Data, Legal and Technological Utilization IssuesGiannisBasa
 

Ähnlich wie Notification By Data Controllers Under The Data Protection Act, 1998 (Uk) (20)

All_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdfAll_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdf
 
Managing Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentationManaging Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentation
 
Philippine Data Privacy Act of 2012 (RA 10173)
Philippine Data Privacy Act of 2012 (RA 10173)Philippine Data Privacy Act of 2012 (RA 10173)
Philippine Data Privacy Act of 2012 (RA 10173)
 
Jamaica's Data Protection Act: Compliance required from the business community
Jamaica's Data Protection Act: Compliance required from the business communityJamaica's Data Protection Act: Compliance required from the business community
Jamaica's Data Protection Act: Compliance required from the business community
 
GDPR and Analytics
GDPR and AnalyticsGDPR and Analytics
GDPR and Analytics
 
Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...
 
Bahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdfBahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdf
 
Group 5 Banking Laws Semi Finals.pptx
Group 5 Banking Laws Semi Finals.pptxGroup 5 Banking Laws Semi Finals.pptx
Group 5 Banking Laws Semi Finals.pptx
 
PERSONAL-DATA-PROTECTION-BILL-2018.pptx
PERSONAL-DATA-PROTECTION-BILL-2018.pptxPERSONAL-DATA-PROTECTION-BILL-2018.pptx
PERSONAL-DATA-PROTECTION-BILL-2018.pptx
 
Data Privacy Act of 2012 implication to cooperatives
Data Privacy Act of 2012 implication to cooperativesData Privacy Act of 2012 implication to cooperatives
Data Privacy Act of 2012 implication to cooperatives
 
Regulatory compliance 2018
Regulatory compliance 2018Regulatory compliance 2018
Regulatory compliance 2018
 
GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!
 
20131008 agoria big data vs data protection
20131008 agoria big data vs data protection20131008 agoria big data vs data protection
20131008 agoria big data vs data protection
 
Data protection act
Data protection act Data protection act
Data protection act
 
GDPR, Data Privacy.
GDPR, Data Privacy.GDPR, Data Privacy.
GDPR, Data Privacy.
 
Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)
 
GDPR
GDPRGDPR
GDPR
 
DPDP Act 2023.pdf
DPDP Act 2023.pdfDPDP Act 2023.pdf
DPDP Act 2023.pdf
 
GDPR for Dummies
GDPR for DummiesGDPR for Dummies
GDPR for Dummies
 
Biometric Personal Data, Legal and Technological Utilization Issues
Biometric Personal Data, Legal and Technological Utilization IssuesBiometric Personal Data, Legal and Technological Utilization Issues
Biometric Personal Data, Legal and Technological Utilization Issues
 

Kürzlich hochgeladen

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 

Kürzlich hochgeladen (20)

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 

Notification By Data Controllers Under The Data Protection Act, 1998 (Uk)

  • 1. NOTIFICATION BY DATA CONTROLLERS 1 Vishnu Kesarwani (IMS2007011) Rajendra Prasad (IMS2007012) 2nd Semester MS (Cyber Law & Information Security) IIIT-Allahabad
  • 2. INTRODUCTION  The Data Protection Act, 1984 established the Data Protection Register and the system of registration maintained by the Registrar.  The Data Protection Act, 1998 introduced a new system of notification which replaced the registration scheme. Meaning:  Notification is the process by which a data controller informs the Commissioner of certain details about the processing of personal data carried out by that data controller. 2
  • 3. CONTD… Purpose  Transparency or openness Interest Notification fulfils the interests of :  Data controllers  Data subjects 3
  • 4. NOTIFICATION EXEMPTIONS The Act provides exemption from notification for data controllers. Exemptions are :  data controllers who only process personal data for :  staff administration  advertising, marketing and public relations (of their own business)  accounts and records  not for profit Organisations 4
  • 5. CONTD….  processing personal data for personal, family or household affairs  data controllers who only process personal data for the maintenance of a public register  data controllers who do not process personal data on computer 5
  • 6. STAFF ADMINISTRATION EXEMPTION The processing is for the purposes of  appointments or  removals,  pay,  discipline,  superannuation,  work management or  other personnel matters in relation to the staff of the data controller;  (b) is of personal data in respect of which the data subject is - o a past, o existing or o prospective member of staff of the data controller  (c) is of personal data consisting of the name, address and other identifiers of the data subject or information as to -  qualifications, 6 o work experience or o pay
  • 7. ADVERTISING, MARKETING AND PUBLIC RELATIONS EXEMPTION  (a) is for the purposes of  advertising or  marketing the data controller's business,  activity,  goods or services  and promoting public relations in connection with that business or activity, or those goods or services;  (b) is of personal data in respect of which the data subject is - o a past, o existing or o prospective customer or supplier 7
  • 8. ACCOUNTS AND RECORDS EXEMPTION The processing –  (a) is for the purposes of  keeping accounts relating to any business or  other activity carried on by the data controller, or any person as a customer or supplier, or  keeping records of purchases, sales or  (b) is of personal data in respect of which the data subject is - o a past, o existing or o prospective customer or o supplier 8
  • 9. NON PROFIT-MAKING ORGANISATIONS EXEMPTIONS The processing -  (a) is carried out by a data controller which is a body or association which is not established or conducted for profit;  (b) is for the purposes of establishing or maintaining membership of or support for the body or association, or providing or administering activities for individuals who are either members of the body or association or have regular contact with it;  (c) is of personal data in respect of which the data subject is -  a past,  existing or  prospective member of the body or organisation; 9
  • 10. THE REGISTRABLE PARTICULARS According to Section 16(1) the registrable particulars means:  Data Controller’s name and address,  The name and address of the representative,  A description of the personal data,  A description of the purpose or purposes,  A description of any recipient or recipients,  The names, or a description of, any countries or territories outside the European economic area, 10
  • 11. Duty of the data controller Duty to notify changes  If any changes takes place regarding personal data then data controller is bound by the Act to notify the Commissioner. Duty to make certain information available  The data controller has not notified the relevant particulars in respect of that processing under section 18, the data controller must, within twenty-one days of receiving a written request from any person, make the relevant particulars available to that person in writing free of charge. 11
  • 12. Function of the Commissioner  As soon as practicable after the passing of this Act, the Commissioner shall submit to the Secretary of State proposals as to the provisions to be included in the first notification regulations.  The Commissioner shall keep under review the working of notification regulations and may from time to time submit to the Secretary of State proposals as to amendments to be made to the regulations. 12
  • 13. Function of the secretary of state  The Secretary of State may from time to time require the Commissioner to consider any matter relating to notification regulations and to submit to him proposals as to amendments to be made to the regulations in connection with that matter.  Before making any notification regulations, the Secretary of State shall—  (a) consider any proposals made to him by the Commissioner under subsection (1), (2) or (3), and  (b) consult the Commissioner  Power to make provision for appointment of data protection supervisors 13
  • 14. Offences relating to notification It is an offence to process personal data without notification unless:-  the personal data fall within either of the national security or domestic purposes exemptions,  the personal data are exempt under the transitional exemptions,  the personal data fall within the ―relevant filing system‖/ ―accessible record‖ or public register exceptions referred to above,  the processing operation falls within the exemptions referred to in the Regulations  the processing is of a description which notification regulations provide is exempt from the requirements to notify on the ground that it is unlikely to prejudice the rights and freedoms of data 14 subjects. No such provision was included in the Regulations.
  • 15. CONTD…  It will also be an offence for a person to fail to notify the Commissioner of changes to the register entry.  The Regulations provided that such notification must be given as soon as practicable and in any event within a period of 28 days from the date upon which the entry becomes inaccurate or incomplete.  Defense: due diligence 15
  • 16. Nature of Offence  When Data Controller fail to comply the provision of the Act or contravene the provision then the Data Controller will be held liable.  The nature of offence will be criminal.  In all cases the Data Controller will be held strictly liable ( strict liability offence). 16
  • 17. REFERENCES 1/28/2010  THE DATA PROTECTION ACT, 1998  Data Protection Act 1998: Legal Guidance; available from http://www.ico.gov.uk/upload/documents/library/data_protection/detailed _specialist_guides/data_protection_act_legal_guidance.pdf  Hamilton, Angus and Jay, Rosemary, Data Protection Act 1998 (UK: Sweet & Maxwell, 1999) 17
  • 18. THANKS 18