- Save
- Cite
-
Email this content
Share Link
Copy this link, or click below to email it to a friendEmail this contentor copy the link directly:The link was not copied. Your current browser may not support copying via this button.Link copied successfully
- Save
- Cite
-
Email this content
Share Link
Copy this link, or click below to email it to a friendEmail this contentor copy the link directly:The link was not copied. Your current browser may not support copying via this button.Link copied successfully
Show Less
Restricted access
A User’s Guide to Data Protection: Law and Policy
Author: Dr Paul Lambert BA, LLB, LLM, TMA, CTMA, PhD
ISBN: 9781526527318
Buy Book in PrintEdition: Fifth
Publication Date: 2023
Publisher: Bloomsbury Professional
Copyright: 2023 Bloomsbury Professional
A User’s Guide to Data Protection: Law and Policy
Are you ready if a client wishes to make a data protection claim, or needs to defend one?
This title is a first port of call, providing clear guidance through the complex web of data protection issues and regulation.
The Fifth Edition includes analysis of new cases and in-depth coverage of:
- The Data Protection and Digital Information (No. 2) Bill
- The Online Safety Bill
- New data fines
- New official documentation from the Department for Digital, Culture, Media & Sport, and the Information Commissioner’s Office
- New EU guidance from the European Data Protection Board and the European Data Protection Supervisor
- New EU data transfer rules, including those concerning controllers and processors
- Developing legal, practice and technology issues
This is an essential guide for IP practitioners, data protection and compliance officers, HR professionals, local authorities, as well as for academics and students of this area of the law.
This title is included in Bloomsbury Professional’s Intellectual Property and IT online service.
Contents
- Dedication
- Quote
- Abbreviations
- Table of Cases
- Table of Statutes
- Table of Statutory Instruments
- Table of EU Regulations
- Table of European Directives
- Table of Treaties, Conventions and Agreements
- Close sectionPart 1: Data Protection
- Close sectionChapter 1: Data Protection
- Close sectionChapter 2: Sources of Data Protection Law
- Introduction
- UK DPA 2018
- UK GDPR
- DPDI Bill
- UK Secondary Legislation
- EU Data Protection Law
- Case Law
- ICO Guides
- ICO Determinations
- Legal Textbooks
- Legal Journals
- EDPB
- European Data Protection Supervisor
- Council of Europe
- Other Data Protection Authorities
- Other Official Sources
- Key/Topical Issues
- Data Protection Websites and Blogs
- Other Laws
- Conferences
- Reference
- Close sectionChapter 3: Definitions
- Close sectionChapter 4: History and Data Protection
- Close sectionChapter 5: Principles
- Close sectionChapter 6: Ordinary Personal Data Lawful Processing Conditions
- Close sectionChapter 7: Processing Pre-Conditions: Prior Information Requirements and Transparency
- Close sectionChapter 8: Exemptions
- Close sectionChapter 9: Individual Data Subject Rights
- Introduction
- Principles of Data Protection
- Rights for Individual Data Subjects
- Recipients of Right
- Access Right under the DPA 2018
- Access Right
- GDPR: Rectification and Erasure
- Right to Data Portability
- Automated Individual Decision Making Right
- Compensation for Data Subjects
- DPA: Requiring Data Disclosure
- Jurisdiction
- Complaints to ICO
- Organisational Data Protection Groups
- Court Remedies
- Different Supervisory Authorities
- Plaintiff Choice of Jurisdictions and Courts
- Compensation
- Penalties
- Sanctions
- GDPR: Right to Portability
- GDPR: Right to Object, Automated Decisions and Profiling
- GDPR Automated Individual Decision Making, Including Profiling
- Conclusion
- Cases to Consider
- Close sectionChapter 10: Time Limits for Compliance
- Close sectionChapter 11: Enforcement and Penalties for Non-Compliance
- Introduction
- Breaches, Offences and Penalties
- Criminal Offences
- Other Consequences of Breach
- ICO Monetary Penalties
- GDPR Changes re Fines and Prosecution
- Civil Sanctions under the DPA
- Remedies, Liability and Penalties under the GDPR
- Powers and Functions of the ICO
- ICO Data Enforcement, Loss/Data Breaches, Fines and Convictions
- Conclusion
- Close sectionChapter 12: Security of Personal Data
- Introduction
- Appropriate Security Measures
- Ensuring Appropriate Security Measures
- Security and the EDPB
- Security and the GDPR and UK GDPR
- Organisational Security Awareness
- Organisational Security Measures
- Raising Awareness
- ICO Guidance
- ICO and Security Breaches
- Disposal of Computer Hardware
- Conclusion
- Close sectionChapter 13: Outsourcing and Data Processors
- Close sectionPart 2: Inward Facing Organisational DP Obligations
- Close sectionChapter 14: Processing Employee Personal Data
- Introduction
- New Inward Facing Changes
- Data Protection Officer (DPO)
- Inward Facing Issues
- Those Covered
- Compliance with the Principles of Data Protection
- Ordinary Personal Data Lawful Processing Conditions
- Lawful Processing and Organisation’s Employees
- Special Personal Data Lawful Processing Conditions
- Special Data Lawful Processing and Organisation’s Employees
- ICO Codes
- Employees and Data Security
- Data Access Right of Employees
- Conclusion
- Close sectionChapter 15: Employee Data Protection Rights
- Close sectionChapter 16: Employee Considerations
- Close sectionChapter 17: Employee Monitoring Issues
- Introduction
- Sample Legal Issues Arising
- Employee Misuse of Email, Internet, etc
- Contract
- Employment Equality
- Harassment
- Online Abuse
- Offline Abuse
- Child Pornography
- Dealing with the Employee Risks
- Employee Corporate Communications Usage Policies
- Focus of Organisational Communications Usage Policies
- Data Protection and Employee Monitoring
- Human Rights
- Application of Data Protection Regime
- ILO Code
- EDPB/WP29
- Employment Contracts, Terms, Policies
- Processing Compliance Rules
- The Rights of Employee Data Subjects
- Monitoring Case
- Conclusion
- Close sectionChapter 14: Processing Employee Personal Data
- Close sectionPart 3: Outward Facing Organisational DP Obligations
- Close sectionChapter 18: Outward Facing Issues
- Introduction
- New Outward Facing Changes
- Data Protection Officer
- Data Protection by Design and by Default
- Types of Outward Facing Personal Data
- How to be Outward Facing Compliant
- Compliance with the Outward Facing Principles
- Customers, etc, and Ordinary Personal Data Lawful Processing Conditions
- Customers, etc, Special Personal Data Lawful Processing Conditions
- Customers, etc, and Data Security Requirements
- Direct Marketing
- Consequences of Non-Compliance
- Users versus Customers
- Conclusion
- Close sectionChapter 19: Data Protection and Privacy by Design
- Close sectionChapter 20: Enforcement Powers
- Introduction
- Enforcement Notices
- Assessment Notices
- Powers of Entry and Inspection
- Request for Audit
- Information Notices
- Information Orders
- Failure to Comply
- Unlawful Obtaining etc of Personal Data
- Re-identifying De-identified Personal Data
- Re-identification and Testing
- Power of ICO to Impose Monetary Penalty
- Prohibition of Requirement to Produce Certain Records
- Tasks
- Powers
- General Conditions for Imposing Administrative Fines
- Penalties
- DPDI Bill
- Conclusion
- Close sectionChapter 21: Transfers of Personal Data
- Close sectionChapter 22: ePrivacy and Marketing (EU)
- Close sectionChapter 23: ePrivacy and Marketing (UK)
- Close sectionChapter 18: Outward Facing Issues
- Close sectionPart 4: UK Regime
- Close sectionPart 5: EU Regime
- Close sectionPart 6: Particular Issues
- Close sectionChapter 27: Data Breach
- Close sectionChapter 28: Data Protection Impact Assessment
- Close sectionChapter 29: Social Media
- Introduction
- Controllers and Joint Controllers
- Investigations
- Social Media and Leveson
- Social Media Data Transfers: Processors
- Apps: Social Media Data Transfers
- Awareness
- Tagging and Identification
- Transparency and User Friendly Tools
- Abuse, Attacks, Threats, Trolling, Victims
- Employment and Social Media
- Electronic Evidence
- The Rights of Data Subjects
- Consent and Social Media
- Website Discretion, Liability and Obligations
- Third Party Controllers and EU Data Subjects
- Specific Processing Risks
- Rights
- GDPR
- Close sectionChapter 30: Press and Data Protection
- Close sectionChapter 31: Data Protection Officer
- Close sectionChapter 32: Additional Parties
- Close sectionChapter 33: Other Data Protection Issues
- Introduction
- New Regime
- AI, ChatGPT, and Chatbots
- AI, Big Data and Data Ethics
- Medical and Health Data
- Genome Data
- Body Scanners
- Investigation, Discovery and Evidence
- Cloud/Metaverse
- New Hardware Devices, New Software
- Internet of Things
- On-Site/Off-Site
- Online Abuse
- Drones
- Increasing Actions
- Codes and Certification
- Politics
- Conclusion
- Close sectionAppendices
- Close sectionIndex