A summary of Data Protection Law
Data Protection gives you some control over the processing of your personal data. It imposes rules upon data controllers and grants rights to data subject. These rules apply to pretty much every personal data processing operation; the rights can be invoked by any living person. Data protection is built around four rules:
- There has to be a legitimate basis for the data processing to take place;
- The processing has to comply with the principles of data protection;
- The processing has to comply with certain sectoral rules such as the prohibition on the processing of sensitive personal data; and,
- The rights of the subject, such as access and objection, have to be respected.
Interpreting the Data Protection Acts and their application depends upon understanding a number of key definitions. And the Data Protection Acts provide supervision and enforcement mechanism. Data Protection is not difficult to understand in theory; it is the practice that is hard. This application is discussed comprehensively in Privacy and Data protection Law in Ireland.
These pages summarise the Data Protection law under the following headings.
- Why do we have data protection?
- Advantages & disadvantages of data protection
- The 4 rules of data protection:
- Rule 1 – there has to be a legitimate basis for the data processing to take place;
- Rule 2 – the processing has to comply with the principles of data protection;
- Rule 3 – follow sectoral rules such as sensitive data, cookies
- Rule 4 – respect the rights of data subjects.
There are also discussions of data protection in contexts such as:
- privacy at work
- Cloud computing