Offences
The Act details a number of civil and criminal offences for which data controllers may be liable if a data controller has failed to gain appropriate consent from a data subject. However 'consent' is not specifically defined in the Act; consent is therefore a common law matter.
- Section 21 - This section makes it an offence to process personal information without registration or to fail to comply with the notification regulations.
- Section 55 - Unlawful obtaining of personal data. This section makes it an offence for people (Other Parties), such as hackers and impersonators, outside the organisation to obtain unauthorised access to the personal data.
- Section 56 - This section makes it a criminal offence to require an individual to make a Subject Access Request relating to cautions or convictions for the purposes of recruitment, continued employment, or the provision of services. This was brought into effect by the Data Protection Act 1998 (Commencement No. 2) Order 2008.
Read more about this topic: Data Protection Act 1998
Famous quotes containing the word offences:
“A strong argument for the religion of Christ is this—that offences against Charity are about the only ones which men on their death-beds can be made—not to understand—but to feel—as crime.”
—Edgar Allan Poe (1809–1845)