business law Acts

The legal act summary below is supplied by Law Teacher as a free information resource to help you with your studies.

The Data Protection Act 1998

1. The Data Protection Act 1998: Brief Background and Overview ‘

The Data Protection Act 1998[1] was implemented with the aim of protecting the personal data of individuals deposited on computer systems, or in the paper file systems that were, with the increasing use of computers at the time that the Act was created, beginning to be phased out.[2] The increasing use of computers by individuals, businesses, and government organisations meant that personal information was increasingly being stored in computers, such as names, addresses, medical and credit history, and other private information which, although useful, also posed serious privacy issues, particularly due to the way in which many computers were part of a network and the information contained could be easily accessible by large numbers of people..[3] In addition to the privacy concerns that this raised, there were also questions regarding the accuracy of information, whether it could be stolen or copied, or whether changes could be made without the authority of the person to whom the information pertained.[4] The ultimate aim of the Data Protection Act, therefore, was to control the possibility that information could be misused and to control unauthorised access to personal data, as well as hanging rights in law to the owners of the information.

However, the Government of the United Kingdom (UK) was also pressured into creating the Act due to the requirement to comply with the European Data Protection Directive 95/46,which had been passed by the European Parliament in 1995.[5] Indeed, on looking at the debates recorded in Hansard, it is evident that the Government introduced the Act unwillingly, and only as it was forced to comply with the European Directive.[6] Nonetheless, academic commentators were fully cognisant of the risks associated with unlimited access to data and the need to provide protection from breaches, with Raab and Bennett stressing that the use of personal information by businesses and government ‘puts individual privacy at risk.’[7] They also noted in 1998 that little research had been carried out on the particular risks, as pertaining to social groups and the various sectors, and stressed the risks associated with the breach of medical records and the dissemination of sensitive information such as HIV status and credit history.[8] The risks of inaccurate information and concerns about targeting by companies were also raised, as well as the fear of the ability of technology to create dossiers on individuals.[9]

These concerns had by 1998 already been well documented in the United States, with respondents to a survey reporting high levels of distrust in the ability of companies and governmental organisations to maintain the confidentiality of their private information, and favouring a higher level of legal protection.[10] Concerns were also raised by medical professionals concerning the legal and ethical aspects of the availability of data, with commentators noting that it could be subject to abuse on a wide scale, noting the requirement for legal and security measures on data protection to ensure to security as well as the integrity of records.[11] The Act establishes the rules and practices regarding the processing of information and provides rights to the holders of information, and creates the independent body that enforces these. By replacing the Data Protection Act 1984[12]. The principles of the Act are most significant, as listed in Schedule 1, and they ensure the lawful and fair process of data, subject to the conditions listed in Schedules 2 and 3.[13] Of great importance is the requirement for an individual to consent to the use of his data, which he can withdraw.[14]

Sensitive data is subject to even stricter conditions, and consent must be explicit.[15] There are exceptions for national security reasons,[16] for crime and taxation[17], and for domestic purposes where an individual processes his information for private purposes.[18] Furthermore, data controllers of information may commit civil or criminal offense where they have not been provided with consent from subjects. The unlawful obtainment of data is unlawful[19] and it is an offence to process personal information without registration and to fail to comply with the notification regulations.[20] It is also a criminal offence to submit, for the purpose of recruitment, employment continuation of for the provision of services, a Subject Access Request regarding cautions or convictions.[21] However, this only came into law in 2015.[22] There are problems with the Act; it is complicated and it appears to confuse numerous companies and organisations, as evidenced by the refusal to provide information, even that which is publicly available, whilst citing the Act as a reason.[23] A lack of governmental commitment to clarifying the Act has been cited as a reason for this, primarily due to a concern that the taxpayer should not bear a financial burden for its enforcement.[24] One such example was the attempts of the police to accuse the Act of limiting the passing on of information that might have prevented the murder of two schoolgirls, suggesting that the Act has become a ‘scapegoat’ for the deficiencies of organisations.[25] Nevertheless, as the Internet continues to gain importance in every area of life, the Act is more significant than ever.

2. ‘The Berne Convention for the Protection of Literary and Artistic Works 1866’ [26]

The aim of the Berne Convention was to provide copyright protection for artistic and literary works in different countries, as prior to its enactment, national copyright laws only protected the works published in that particular country, meaning, for example, that a work published in England would not be protected from copyright infringement in Germany. The Berne Convention was opposed at the time by book publishers such as Albertus Willem Sijthoff in the Netherlands, who was concerned that such protection of copyright would damage the businesses of publishers.[27] The ultimate aim of the Berne Convention was to protect copyright and essentially the moral rights of authors and artists, with the notion of moral rights being defined as the understanding that it is the author who creates a work, and that due to this should have the protection of assurance that his work will be respected.[28] The violation of moral rights may be challenged and damages can be awarded.[29]

It may also be stated that the moral rights of an author’s work are inextricably connected with his reputation, and the way in which his work is treated will inevitably affect his own personal reputation. It is therefore unsurprising that moral rights have been placed on equivalence with trademarks as the ‘sign of the reputation of the trader.’[30] The pressure for copyright protection of artistic works also came from France, where the moral rights of authors have long been respected and considered valuable, in contrast to the general opinion in countries such as the United States. [31]

In this way therefore, the Berne Convention extended copyright protection and the protection of the moral rights of creators to all countries that ratified it, and one of the key principles of the Act was Article 6bis, which provides that those who infringe copyright can be subjected to penalties such as trade sanctions.[32] The Berne Convention is therefore basically an international agreement that governs copyright, and one of the most important principles is contained in Article 5 (4), which determines the notion of the ‘country of origin’ of the work.[33] The Convention also provides that all creative works, apart from photographic works, will enjoy copyright for a minimum of fifty years following their creation.[34] However, the Convention also states that a copyright period must not exceed the period of copyright that was awarded to a work in its country of origin.[35] Interestingly, despite the benefits of the Berne Convention to artistic creators of works, the United States refused to ratify it for over a century, primarily for commercial reasons. This was undoubtedly due to the predominance of American cinema and its global cultural and commercial dominance, with there existing concerns that membership of the Convention would cause the country a financial loss.[36] It was not until 1988 that the United States incorporated the Berne Convention into federal law with law H.R.4262, the Berne Convention Implementation Act,[37] which meant that creators in the United States were entitled to the same protection of their works as creators in countries that were already members.[38]

Bibliography

Statute

Berne Convention for the Protection of Literary and Artistic Works 1866

Data Protection Act 1984

Law H.R. 4262, (1988) Berne Convention Implementation Act (United States)

Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data

Data Protection Act 1998

References

BBC. Data Protection Act. Available at: < http://www.bbc.co.uk/schools/gcsebitesize/ict/legal/0dataprotectionactrev1.shtml> Accessed 10/02/2016

Equifax Harris. The Equifax Report on Consumers in the Information Age (Atlanta, GA: Equifax, Inc)

Hatch, O. G. ‘Better Late Than Never: Implementation of the 1886 Berne Convention’ Cornell International Law Journal Volume 22, Issue 2 Summer 1989 171-195

Henley Centre. Dataculture (London: Henley Centre for Forecasting Ltd., 1995)

Journal: ’The Berne Convention’ The Publishers' circular and booksellers' record of British and foreign literature, Vol. 71. Sampson Low, Marston & Co. 1899.

Kilian, M. ‘A Hollow Victory for the Common Law? TRIPS and the Moral Rights Exclusion’, J. Marshall Rev. Intell. Prop. L. (2003) 321

Korn, N. Guide to Intellectual Property Rights and Other Legal Issues (Minerva Project, 2005) 12

Lewis Silkin ‘Forced data subject access requests are now a criminal offence’ Lewis Silkin: The Employment Journal (2015) Available at: < http://www.lewissilkin.com/Journal/2015/March/Forced-data-subject-access-requests-are-now-a-criminal-offence.aspx#.Vr3IJHSLST8> Accessed 10/02/2016

Lloyd, I.J. Information Technology Law (Oxford: Oxford University Press, 2014)

Lorimer, R. ‘ Intellectual Property, Moral Rights, and Trading Regimes: A Publishing Perspective’ Canadian Journal of Communications (1996) Vo. 21 No. 2 Available at: <http://www.cjconline.ca/index.php/journal/article/view/943/849> Accessed 10 /02/2016

Raab,C. and Bennett, C. J. 'The Distribution of Privacy Risks: Who Needs Protection?' The Information Society (1998) Vol 14, No. 4: 263-273

Stanbury, B. ‘The legal and ethical aspects of telemedicine: Data protection, security and European law’J Telemed TelecareMarch 1, (1998) Vol. 4, No.1: 18-24


[1] Data Protection Act 1998

[2]BBC. Data Protection Act. Available at: < http://www.bbc.co.uk/schools/gcsebitesize/ict/legal/0dataprotectionactrev1.shtml> Accessed 10/02/2016

[3] Ibid.

[4] Ibid .

[5] Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data

[6] Lloyd, I.J. Information Technology Law (Oxford: Oxford University Press, 2014) 36

[7] Raab, C. and Bennett, C. J. 'The Distribution of Privacy Risks: Who Needs Protection?' The Information Society (1998) Vol 14, No. 4: 263-273 (264)

[8] Ibid.

[9] Henley Centre. Dataculture (London: Henley Centre for Forecasting Ltd., 1995) 4

[10] Equifax Harris. The Equifax Report on Consumers in the Information Age (Atlanta, GA: Equifax, Inc) xii

[11]Stanbury, B. ‘The legal and ethical aspects of telemedicine: Data protection, security and European law’ J Telemed TelecareMarch 1, (1998) Vol. 4, No.1: 18-24 (19)

[12] Data Protection Act 1984

[13] Data Protection Act 1998 Schedule 1

[14] Ibid.

[15] Ibid.

[16] Data Protection Act 1998 Section 28

[17] Ibid. Section 29

[18] Ibid. Section 36

[19] Ibid. Section 55

[20] Ibid. Sections (1) and (2)

[21] Ibid, Section 56 Part VI (Miscellaneous and General)

[22] Lewis Silkin ‘Forced data subject access requests are now a criminal offence’ Lewis Silkin: The Employment Journal (2015) Available at: < http://www.lewissilkin.com/Journal/2015/March/Forced-data-subject-access-requests-are-now-a-criminal-offence.aspx#.Vr3IJHSLST8> Accessed 10/02/2016

[23] Ibid.

[24] Lloyd, I.J. Information Technology Law (Oxford: Oxford University Press, 2014) 36

[25] Ibid.

[26] Berne Convention for the Protection of Literary and Artistic Works 1866

[27] Journal: ’The Berne Convention’ The Publishers' circular and booksellers' record of British and foreign literature, Vol. 71. Sampson Low, Marston & Co. 1899. (597)

[28] Korn, N. Guide to Intellectual Property Rights and Other Legal Issues (Minerva Project, 2005) 12

[29] Ibid.

[30] Lorimer, R. ‘ Intellectual Property, Moral Rights, and Trading Regimes: A Publishing Perspective’ Canadian Journal of Communications (1996) Vo. 21 No. 2 Available at: <http://www.cjconline.ca/index.php/journal/article/view/943/849> Accessed 10/02/2016

[31] Kilian, M. ‘A Hollow Victory for the Common Law? TRIPS and the Moral Rights Exclusion’, J. Marshall Rev. Intell. Prop. L. (2003) 321, 2

[32] Berne Convention for the Protection of Literary and Artistic Works 1866 Article 6bis

[33] Berne Convention for the Protection of Literary and Artistic Works 1866 Article 5 (4)

[34] Ibid. Article 7

[35] Ibid. Article 7 (8)

[36] Hatch, O. G. ‘Better Late Than Never: Implementation of the 1886 Berne Convention’ Cornell International Law Journal Volume 22, Issue 2 Summer 1989 171-195 (172)

[37] Law H.R. 4262, (1988) Berne Convention Implementation Act.(United States)

[38] Hatch, O. G. ‘Better Late Than Never: Implementation of the 1886 Berne Convention’ Cornell International Law Journal Volume 22, Issue 2 Summer 1989 171-195 (172)