Data Protection Flashcards
Describe the principles that underpin the Data Protection Act in the UK?
Ensures that data about citizens will be used only in the way for which they were intended:
- Data processed fairly and lawfully
- Data shall be obtained for a specific purpose and not be further processed.
- Data shall be adequate, relevant and not excessive in relation to purpose.
- Data shall be accurate and where possible kept up to date.
- Data shall not be kept longer than necessary.
- Data shouldn’t be transferred outside EU unless country ensures adequate protection of rights.
- Appropriate measures to protect data against theft, loss or destruction.
What does the Privacy and Electronic Communications Regulation 2003 cover?
Protects citizen’s right to privacy in regards to rules that apply to orgs and individuals whim advertise by electronic means in terms of cookies (awareness, purpose, consent), telephone directories, location data etc…
For telcos & ISP, covers the processing of electronic, location, and billing data, as well as directory of subscribers and security of telco services.
What does Regulation of Investigatory Powers Act 2000 (RIPA)?
Protects against unreasonable intrusion of electronic comms and provides for privacy of comms.
Which Uk agency is responsible for data protection?
The Office of the Information Commissioner.
What is data?
Information being processed automatically or collected with that intention or part of a relevant filing system.
What is Personal Data?
Data about a living person who can be identified from the data possibly used with other data the Data Controller may have.
What is a Data Controller?
A “person” who determines who or how personal data is processed.
What is a Data Subject?
An individual who is subject of personal data.
What is Processing?
Obtaining, recording or holding data or carrying out any operation on it.
