Dubious And Liability Under Data Protection Act 1998

2213 Words Jan 19th, 2015 9 Pages
1. Dubious and Liability under Data Protection Act 1998

Dubious, as a company’s new Trainee, inadvertently posted huge amount of customers’ personal information on a public website. His unauthorized access to company document, particularly the confidential information, absolutely went against the regulations in the Data Protection Act 1998 (DPA 1998). As an organization that is responsible for data controlling and processing, the company should be involved in this information breach issue. The DPA 1998 provides a whole complete legal framework to safeguard the basic human right related to their personal and sensitive personal information privacy as well as place duties on those data controllers. Therefore, several substantive elements should be clarified to declare the company’s guilty as well as Dubious’.

The infringement of the right to privacy that protected under the DPA 1998 will be regard as “personal data”, which could be the first need to be explored. In Section 1(1) DPA 1998, personal data is defined as data relating to a living identifiable individual. Actually it covers not only digital data but also those data stored on hard copy in filing systems including other certain relevant information. It is important to note that, as to the aspect on the ability to identify an individual, any data held could be determined personal data through partly either the data held itself or other non-critical information, such as any expression of opinion or the assessments…
Open Document