1 / 15

Data Protection: The Law

Data Protection: The Law . Data Protection Directive 95/46/EC Electronic Privacy Directive 2002/58/EC EUROPOL etc. Data Protection Acts 1988 & 2003 EC Electronic Privacy Regulations 2003 (SI 535/2003) Corresponding Acts Good Friday Agreement Disability Act 2005. EU & Irish Legislation.

meaghan
Download Presentation

Data Protection: The Law

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Data Protection: The Law

  2. Data Protection Directive 95/46/EC Electronic Privacy Directive 2002/58/EC EUROPOL etc Data Protection Acts 1988 & 2003 EC Electronic Privacy Regulations 2003 (SI 535/2003) Corresponding Acts Good Friday Agreement Disability Act 2005 EU & Irish Legislation

  3. Fair obtaining & processing Consent Specified purpose No disclosure unless “compatible” Safe and secure Accurate, up-to-date Relevant, not excessive Retention period Right of access The Data Protection Rules (Directive 95/46 & Data Protection Acts)

  4. Definitions(1) • Personal Data • Any Data relating to a livingidentifiable individual • Data • Automated data or structured manual data • Manual Data • Structured by reference to individuals in a way that makes data readily accessible

  5. Definitions(2) • Data Controller • a person who controls the contents and use of personal data • Data Processor • A person who processes personal data on behalf of a data controller

  6. Definitions(3) • Data Subject • an individual who is the subject of personal data • Processing • Anything done with personal data, from collection to disposal

  7. Sensitive Data (special protection) • Physical or mental health • Racial origin • Political opinions • Religious or other beliefs • Sexual life • Criminal convictions • Alleged commission of offence • Trade Union membership

  8. Using Sensitive Data EXTRA conditions: S.2B (one only is needed) • explicit consent • necessary under employment law • non-profit body (political, philosophical, religious, trade-union) – its members / clients • necessary for medical purposes (contd)

  9. Using Sensitive Data EXTRA conditions: (one only is needed) • necessary to protect vital interests • necessary for legal advice / legal claim • for electoral purposes • for substantial public interest • as prescribed by Minister

  10. Genetic Testing • Disability Act 2005 (Part 4): • Informed consent of data subject required • Prohibited in relation to insurance policies, pensions, and mortgages • Subject to DPC prior approval in relation to employment

  11. Electronic Communications (SI 535/2003) • General DP Principles apply • Telecom-specific: • ‘Cookies’ on PCs • Caller ID (phones) • Location Data (mobiles) • Directories • ‘SPAM’ • Data Retention • ‘Cold Calling’ opt-out

  12. North/South Bodies • S 31, British-Irish Agreement Act, 1999: • Irish DPC responsible for Bodies established in Republic • UK Information Commissioner responsible for Bodies established in Northern Ireland

  13. DP/FOI Access to Personal Information • DP and FOI Acts reinforce one another in relation to personal access in the public sector • Defending access to personal information as human (DP) and citizen (FOI) right • 3rd Party Access restricted under both Acts • FOI access to personal information should sometimes prevail in the public interest

  14. Access right: DP v FOI • FOI - Public Interest (s 28(5)(a)) when “on balance, the public interest that the request should be granted outweighs the public interest that the right to privacy of the individual to whom the information relates should be upheld” • Information Commissioner: Case No 99001- “the protection of personal privacy afforded by s.28 exemption is intended to be a strong one”

  15. DP and FOI • A right conferred by the Data Protection Act shall not prejudice the exercise of a right conferred by the Freedom of Information Act 1997. • The Commissioner and the Information Commissioner shall, in the performance of their functions, co-operate with and provide assistance to each other (DP Act 2003)

More Related