Data Protection Act 171 Computers and privacy There are problems as more computers are used There...
-
Upload
elwin-hoover -
Category
Documents
-
view
213 -
download
1
Transcript of Data Protection Act 171 Computers and privacy There are problems as more computers are used There...
Data Protection Act 17 Data Protection Act 17 11
Computers and privacy Computers and privacy There are problems as more computers are usedThere are problems as more computers are used More and more information is stored on computers.More and more information is stored on computers. By linking the information gained by several computers together so it is By linking the information gained by several computers together so it is
possible to build up complete picture of person's life.possible to build up complete picture of person's life. So in this way privacy of a person will become lessSo in this way privacy of a person will become less A person goes to abroad then computer stored these kinds of informationA person goes to abroad then computer stored these kinds of information Example:Example: Travel companies computers data Travel companies computers data Bank’s computers Bank’s computers Travel insurance companiesTravel insurance companies LibraryLibrary
Data Protection Act 17 Data Protection Act 17 22
Loyalty cards Loyalty cards Large store chains now have what is called a loyalty card Large store chains now have what is called a loyalty card
schemescheme Each time customer uses the card, points are addedEach time customer uses the card, points are added When the no of points earned reaches a certain value When the no of points earned reaches a certain value
customers are given voucher customers are given voucher Working of Loyalty cardsWorking of Loyalty cards Fills an application formsFills an application forms Customer is given a loyalty card that contain magnetic strip Customer is given a loyalty card that contain magnetic strip When making their purchases the loyalty card links the When making their purchases the loyalty card links the
customers to their purchases customers to their purchases Card adds certain no of points based on their bill and the items Card adds certain no of points based on their bill and the items
bought to the total bought to the total
Data Protection Act 17 Data Protection Act 17 33
Store things added few informationStore things added few information What newspaper and magazines you readWhat newspaper and magazines you read What drink u likeWhat drink u like The method of purchaseThe method of purchase Whether u have petrol or gas carWhether u have petrol or gas car What pets you haveWhat pets you have Why electronic stored information is easierWhy electronic stored information is easier Cross referencing Cross referencing Danger of hacking Danger of hacking Making alterationsMaking alterations Faster access to data Faster access to data
Data Protection Act 17 Data Protection Act 17 44
Reason behind data protectionReason behind data protection
As more and more information come to be As more and more information come to be stored on computers much of its personal data stored on computers much of its personal data about individuals, there became the need for about individuals, there became the need for some sort of control over the way that it was some sort of control over the way that it was collected and the way it could be used collected and the way it could be used
Data Protection Act 17 Data Protection Act 17 55
1998 Data Protection Act1998 Data Protection Act
This act replaces the earlier Data Protection Act 1984This act replaces the earlier Data Protection Act 1984 Covers manually held data not covered by the earlier Covers manually held data not covered by the earlier
Act Act This act covers the processing of data either manually This act covers the processing of data either manually
or by the computeror by the computer This act deal with some of the things that were not This act deal with some of the things that were not
around when the older act was introduced likearound when the older act was introduced like InternetInternet Loyalty cardLoyalty card Use of huge database for marketing purposesUse of huge database for marketing purposes
Data Protection Act 17 Data Protection Act 17 66
Eight PrinciplesEight PrinciplesThe Eight Principles
Principle What it means
Personal data should be obtained and processed fairly and lawfully
This means that you should be told that data is being collected about you, and you should know what the data will be used for.
Personal data can be held only for specified and lawful purposes
The Data Controller has to state why they want to collect and store information when they apply for permission to be able to do so. If they use the data they have collected for other purposes, they are breaking the law.
Personal data should be adequate, relevant and not excessive for the required purpose
Organisations should only collect the data that they need and no more. Your school needs to know your parent's phone number in case they need to contact them in an emergency. However, they do not need to know what your grandmother's name is, nor do they need to know your eye co lour. They should not ask, nor should they store such details since this would be excessive and would not be required to help with your education.
Personal data should be accurate and kept up-to-date
Companies should do their best to make sure that they do not record the wrong facts about a data subject. Your school probably asks your parents to check a form once a year to make sure that the phone number and address on the school system is still correct.If a person asks for the information to be changed, the company should comply if it can be proved that the information is indeed incorrect.
Data Protection Act 17 Data Protection Act 17 77
Personal data should not be kept for longer than is necessary
Organisations should only keep personal data for a reasonable length of time. Hospitals might need to keep patient records for 25 years or more, that is acceptable since they may need that information to treat an illness later on. However, there is no need for a personnel department to keep the application forms of unsuccessful job applicants.
Data must be processed in accordance with the rights of the data subject
People have the right to inspect the information held on them (except in certain circumstance - see later). If the data being held on them is incorrect, they have the right to have it changed.
Appropriate security measures must be taken against unauthorised access
This means information has to be kept safe from hackers and employees who don't have rights to see it. Data must also be safeguarded against accidental loss.
Personal data cannot be transferred to countries outside the E.U. unless the country has similar legislation to the D.P.A.
This means that if a company wishes to share data with an organisation in a different country, that country must have similar laws to our Data Protection Act in place.
Principles Principles
Data Protection Act 17 Data Protection Act 17 88
Sensitive Personal DataSensitive Personal Data The Act mentions data called sensitive personal data, The Act mentions data called sensitive personal data,
which may not be disclosed.which may not be disclosed. This include the following information.This include the following information. Ethnic origin of the data subjects Ethnic origin of the data subjects Their political opinionsTheir political opinions Their religious beliefsTheir religious beliefs Whether or not they are member of a trade union.Whether or not they are member of a trade union. Their physical or mental health conditionTheir physical or mental health condition The commission or alleged commission by them of The commission or alleged commission by them of
any offence any offence
Data Protection Act 17 Data Protection Act 17 99
Data SubjectData Subject Every one whether we like it or not is a data subject, because organizations and Every one whether we like it or not is a data subject, because organizations and
companies ,called data users holds personal detailscompanies ,called data users holds personal details Your rights to see personal details about held on computer or manually Your rights to see personal details about held on computer or manually Data Controller:Data Controller: Means a person who determine the purpose for which and the manner in which Means a person who determine the purpose for which and the manner in which
any personal data is processed.any personal data is processed. The data controller is therefore the person who decides what to do with the data The data controller is therefore the person who decides what to do with the data
once it has been entered onto the system.once it has been entered onto the system. Example:Example: If you rent a TV, then your details will be automatically passed the TV licence If you rent a TV, then your details will be automatically passed the TV licence
centre. The driver and Vehicle licence authority is linked to the police National centre. The driver and Vehicle licence authority is linked to the police National computercomputer
Data Data CommissionerCommissioner This is the person who enforces the Data Protection Act. This is the person who enforces the Data Protection Act. This is the person that organisations need to apply to in order to gain This is the person that organisations need to apply to in order to gain
permission to collect and store personal data.permission to collect and store personal data.
Data Protection Act 17 Data Protection Act 17 1010
People Rights of data subjectsPeople Rights of data subjects A Right of Subject AccessA Right of Subject Access A data subject has a right to be supplied by a A data subject has a right to be supplied by a data controllerdata controller
with the personal data held about him or her. The data with the personal data held about him or her. The data controller can charge for this: usually a few pounds.controller can charge for this: usually a few pounds.
A Right of CorrectionA Right of Correction A data subject may force a data controller to correct any A data subject may force a data controller to correct any
mistakes in the data held about them.mistakes in the data held about them. A Right to Prevent DistressA Right to Prevent Distress A data subject may prevent the use of information if it would A data subject may prevent the use of information if it would
be likely to cause them distress.be likely to cause them distress. A Right to Prevent Direct MarketingA Right to Prevent Direct Marketing A data subject may stop their data being used in attempts to A data subject may stop their data being used in attempts to
sell them things (eg by junk mail or cold telephone calls.)sell them things (eg by junk mail or cold telephone calls.)
Data Protection Act 17 Data Protection Act 17 1111
A Right to Prevent Automatic DecisionsA Right to Prevent Automatic Decisions A A data subjectdata subject may specify that they do not want a may specify that they do not want a data userdata user to to
make "automated" decisions about them where, through points make "automated" decisions about them where, through points scoring, a computer decides on, for example, a loan scoring, a computer decides on, for example, a loan application.application.
A Right of Complaint to the Information CommissionerA Right of Complaint to the Information Commissioner A A data subjectdata subject can ask for the use of their can ask for the use of their personal datapersonal data to be to be
reviewed by the reviewed by the Information CommissionerInformation Commissioner who can enforce a who can enforce a ruling using the Act. The Commissioner may inspect a ruling using the Act. The Commissioner may inspect a controller's computers to help in the investigation.controller's computers to help in the investigation.
A Right to CompensationA Right to Compensation The data subject is entitled to use the law to get compensation The data subject is entitled to use the law to get compensation
for damage caused ("damages") if personal data about them is for damage caused ("damages") if personal data about them is inaccurate, lost, or disclosed. inaccurate, lost, or disclosed.
Data Protection Act 17 Data Protection Act 17 1212
Your right as a data subjectYour right as a data subject You have the right to see any personal details about you held on You have the right to see any personal details about you held on
computer or held manually.computer or held manually. You also have the right to a description of the data being You also have the right to a description of the data being
processed.processed. You do not however have the right to see all the information You do not however have the right to see all the information
held about you.held about you. There are following purposesThere are following purposes The prevention or detection of crime.The prevention or detection of crime. Catching or prosecuting offendersCatching or prosecuting offenders Collecting taxes or duty Collecting taxes or duty Medical or social worker's report in some instance.Medical or social worker's report in some instance.