Data protection law and practice / by Rosemary Jay.

London : Sweet & Maxwell, 2020.

5th edition

90351

Great Britain. -- Data Protection Act 1998.

Data protection -- Law and legislation -- Great Britain.

Privacy, Right of -- Great Britain.

1. Background, history and context

2. Definitions

3. Interpretation and CJEU case law

4. Material and territorial scope

5. Grounds for processing personal data --6. The principles

7. Processors

8. Security obligations and breach notification

9. Overseas transfers

10. Accountability

11. Data protection officers

12. Transparency, notice and procedures for the exercise of rights

13. Subject access and data portability

14. Rights of objection, accuracy and rectification

15. General provisions and miscellaneous exemptions

16. Exemptions for the protection of individuals

17. Freedom of expression and exemptions for the special purposes

18. Archiving in the public interest, scientific or historical research, and statistical purposes

19. The role and powers of the information commissioner

20. Exemptions for national security and defence, crime and taxation, immigration and regulatory purposes

21. Complaints, judicial remedies and actions for compensation

22. Enforcement and administrative penalties

23. Criminal offences, prosecutions and warrants of entry

24. GDPR and UK GDPR codes of conduct and certification

25. Codes of practice under the Data Protection Act 2018

26. Freedom of information and data protection

27. First-tier and upper tribunal and appeals

28. International cooperation, the one stop shop and the role of the European Data Protection Board

29. The Privacy and Electronic Communications (EC Directive) Regulations 2003 and The Investigatory Powers (Interception by Businesses etc for Monitoring and Record Keeping Purposes) Regulations 2018.

Data Protection Law and Practice, 5th edition, provides a comprehensive and expert review of the current state of data protection law in the UK, together with the background to the law. It covers the General Data Protection Regulation, its application in the UK under the Data Protection Act 2018, the implementation of Directive 2016/680 (the Law Enforcement Directive) and the new data protection regime which governs the UK intelligence services, as well as the Privacy and Electronic Communications (EC Directive) Regulations and the revised rules on the monitoring of business communications. Both the current application of the GDPR and its application after Brexit are considered in every chapter, as are the rules which apply to the processing of personal data for law enforcement purposes and the new rules for the processing of personal data by the intelligence services. This new, fully updated edition: Covers everything a practitioner advising a company seeking to comply, or a client seeking redress, needs to know about the data protection regime in the UK, under domestic and European law. Places the development of data protection norms in the international and national context, including the background to the major changes brought by the GDPR and Directive 2016/680. Explains the important definitions and sets out specifically how the application and interpretation of the law will be impacted by Brexit. Explores how the law will be interpreted, including the application of the case law developed by the EU Court of Justice and the UK courts. Describes the applicable CJEU cases in full. Details the enhanced obligations which apply to both data controllers and data processors, including the security and data breach requirements, expanded data protection notices and record-keeping obligations, DPO appointments and others. Provides detailed analysis of the new and increased rights of data subjects and the impact of meeting those rights on data controllers. Sets out the enforcement and fines regimes together with the powers of the Information Commissioner in the UK and the role and powers of the European Data Protection Board. Analyses the interface with the UK access regimes under freedom of information legislation Discusses the new and important obligations placed on data processors under the GDPR and DPA 2018. Fully explains the rules on the transfer of personal data outside the European Union and the UK, including under the Privacy Shield and other transfer mechanisms. - Publisher's website.

Previous edition: 2003.

Includes bibliographical references and index.

9780414070967

cxliv, 1742 pages ; 24 cm