Data Protection Act 2018
The data protection act 2018 controls how personal information is
collected and used by organisations.
Everyone responsible for using personal data has to follow strict
rules called ‘data protection principles’. They must make sure the
information:
Used fairly, lawfully, and transparently
Used for specified, explicit purposes
Used in a way that is adequate, relevant, and limited to only
what is necessary
Accurate and, where necessary, kept up to date
Kept for no longer than is necessary
Handled in a way that ensures appropriate security, including
protection against unlawful or unauthorised processing,
access, loss, destruction or damage
For example, just because you are a police officer and you have
access to information about your neighbours, you cannot look at
this information. You risk losing your job.
This means that every piece of information that you access as an
officer is logged and recorded.
Sections of the DPA 2018 which relate to
Criminal Investigation:
Section 170 of the act criminalises knowingly or recklessly
obtaining, disclosing, or procuring personal data without the
consent of the data controller. This includes health care records
and financial records.
This means that police cannot simply access medical or
financial records without due cause. Permission must be
given either by the data controller, or by a judge.
Section 170 adds the offence of knowingly or recklessly retaining
personal date (which may have been lawfully obtained) without
the consent of the data controller.
This means that police cannot keep things like DNA
records for longer than 6 months without permission.
The data protection act 2018 controls how personal information is
collected and used by organisations.
Everyone responsible for using personal data has to follow strict
rules called ‘data protection principles’. They must make sure the
information:
Used fairly, lawfully, and transparently
Used for specified, explicit purposes
Used in a way that is adequate, relevant, and limited to only
what is necessary
Accurate and, where necessary, kept up to date
Kept for no longer than is necessary
Handled in a way that ensures appropriate security, including
protection against unlawful or unauthorised processing,
access, loss, destruction or damage
For example, just because you are a police officer and you have
access to information about your neighbours, you cannot look at
this information. You risk losing your job.
This means that every piece of information that you access as an
officer is logged and recorded.
Sections of the DPA 2018 which relate to
Criminal Investigation:
Section 170 of the act criminalises knowingly or recklessly
obtaining, disclosing, or procuring personal data without the
consent of the data controller. This includes health care records
and financial records.
This means that police cannot simply access medical or
financial records without due cause. Permission must be
given either by the data controller, or by a judge.
Section 170 adds the offence of knowingly or recklessly retaining
personal date (which may have been lawfully obtained) without
the consent of the data controller.
This means that police cannot keep things like DNA
records for longer than 6 months without permission.
