Data Protection and the GRA. 1. Commentary on Data Protection 2. The GRA’s Role The Register Investigations, Mediation and Compensation Enforcement Notices.

Slides:

Advertisements

Similar presentations

1 Enforcement Powers of National Data Protection Authorities and Experience gained of the Data Protection Directive Safe Harbour Conference Washington.

Advertisements

Procedural Safeguards

Data Security Breach Code of Practice. Data Security Concerns Exponential growth in personal data holdings Increased outsourcing 3 rd countries cloud.

DATA PROTECTION and Research University Research Ethics Committee – David Cauchi David Cauchi Office of the Commissioner for Data Protection.

THE DEPRIVATION OF LIBERTY SAFEGUARDS

Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.

MAKING SENSE OF IT:- WHAT IS DATA PROTECTION? Presented by the Data Protection Commissioner (Mrs D. Madhub) To the Truth and Justice Commission on

Role of Public Information Officers & Assistant Public Information Officers The Right to Information Act 2005.

1 Opening the Door: Access to Government Information A primer for Media Students Mohawk College Sept. 18, 2002 Bob Spence Communications Co-ordinator Office.

The Problem Solvers TM Privacy Rights: Minors and Parents Michael J. Hewitt Marcel Daigle Singleton Urquhart LLP.

DATA PROTECTION and Research University Research Ethics Committee – David Cauchi Office of the Data Protection Commissioner.

6/1/2015MINISTRY OF ENERGY, COMMUNICATIONS AND MULTIMEDIA 1 PRESENTATION OF PERSONAL DATA PROTECTION BILL PRESENTATION OF PERSONAL DATA PROTECTION BILL.

Introduction to the APPs and the OAIC’s regulatory approach Presented by: Este Darin-Cooper Director, Regulation and Strategy May 2015.

The role of the Office of the Privacy Commissioner in telecommunications Andrew Solomon Director, Policy.

Transparency in Public Administration – FOI and EIR

Per Anders Eriksson

Minimum Wages Act History of Minimum Wages ILO Convention no26 in1928 Recommended Machinery for Fixation of minimum wages The Standing Labour Committee.

Data Protection: International. Data Protection: a Human Right Part of Right to Personal Privacy Personal Privacy : necessary in a Democratic Society.

Workers Compensation Commission Sian Leathem Registrar 29 September 2008.

Audiences NI Data Protection Workshop

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Overview

The Data Protection Act

1 OVERVIEW PRESENTATION FREEDOM OF INFORMATION (SCOTLAND) ACT 2002.

DATA PROTECTION OFFICE

The Information Commissioner’s Office David Evans.

Regulation of Personal Information Daniel Pettitt, Leon Sewell and Matthew Pallot.

Data Protection and You Your Rights & The Law Registration Basics Other Activities Disclaimer: This presentation only provides an introductory info. Please.

NATIONAL COMMUNICATIONS COMMISSION REGULATORY PRACTICES WORKSHOP MODULE: 4 INVESTIGATION.

1 Freedom of Information (Scotland) Act 2002 A strategic view.

707 KAR 1:360 Confidentiality of Information. Section 1: Access Rights 1) An LEA shall permit a parent to inspect and review any education records relating.

1 POLICY AND DECISION MAKING PROCESS. By the Secretariat.

DATA PROTECTION OFFICE {PMO} “OVERVIEW OF THE FUNDAMENTAL ASPECTS OF THE RIGHT OF ACCESS“ Presented by The Commissioner Mrs D. Madhub To Mutual Aid Association.

Data Protection Act AS Module Heathcote Ch. 12.

New rights for people complaining about adult social care providers – an introduction.

Department of Education, Employment and Workplace Relations Health and Safety Representative (HSR) Contribute to the implementation of the OH&S consultation.

Data Protection Corporate training Data Protection Act 1998 Replaces DPA 1994 EC directive 94/46/EC The Information Commissioner The courts.

The Data Protection Act - Confidentiality and Associated Problems.

INTERNATIONAL E-DISCOVERY: WHEN CULTURES COLLIDE Alvin F. Lindsay Hogan & Hartson LLP.

THE RIGHT TO INFORMATION ACT, SECTION 3 Subject to the provisions of this Act, all citizens shall have the right to information.

BTEC ICT Legal Issues Data Protection Act (1998) Computer Misuse Act (1990) Freedom of Information Act (2000)

OPEN UP! Introduction to handling Freedom of Information requests.

Freedom of Information (General) Regulations, 2008 Natasha N. Bodden, LLB FOI Policy Analyst FOI Policy Analyst Freedom of Information Unit Cayman Islands.

PROTECTION OF PERSONAL DATA. OECD GUIDELINES: BASIC PRINCIPLES OF NATIONAL APPLICATION Collection Limitation Principle There should be limits to the collection.

Introduction Data protection is relevant to every individual, business or organisation today, not just Local Government. As well as protecting privacy,

Minimum Wages Act 1948.

Vice-Principal Conference NAHT Thursday 12 th November 2009.

An Introduction to the Privacy Act Privacy Act 1993 Promotes and protects individual privacy Is concerned with the privacy of information about people.

Regulation of Lobbying Act 2015: Presentation to members of the media Sherry Perreault Head of Lobbying Regulation Standards in Public Office Commission.

SEARCH POWERS PILOT S44-47 UK BORDERS ACT 2007 Police Training Presentation Central Policy Unit.

© University of Reading Lee Shailer 06 June 2016 Data Protection the basics.

Information Security TechLink Seminar, 17 April 2013 James Knapton, Information Compliance Officer, Registrary’s Office.

Introduction to the Australian Privacy Principles & the OAIC’s regulatory approach Privacy Awareness Week 2016.

Presented by Ms. Teki Akuetteh LLM (IT and Telecom Law) 16/07/2013Data Protection Act, 2012: A call for Action1.

Freedom of Information Act ‘What you need to know’ Corporate Information Governance Team Strategic Intelligence.

More About RTI--- Sharing experience Amita Prasad IAS Regional Commissioner Belgaum Division.

Sophie Honohan Barrister-at-Law, Accredited Mediator 21 st April, 2016 Health Identifiers Act Conference.

General Data Protection Regulation (EU 2016/679)

Data Protection Officer’s Overview of the GDPR

GUKEYEH GUK’EH GU’SANI Kaska Dena Good Governance Act

(Portfolio Committee on Justice and Correctional Services)

Data Protection: EU & International

Managing Data Protection

Overview of the Electricity Regulation Bill

General Data Protection Regulation

Establishing the Infrastructure for Radiation Safety Preparatory Actions and Initial Regulatory Activities.

Data Protection Legislation

State of the privacy union

G.D.P.R General Data Protection Regulations

GDPR Workshop MEU Symposium Prague 2018

Presentation transcript:

Data Protection and the GRA

1. Commentary on Data Protection 2. The GRA’s Role The Register Investigations, Mediation and Compensation Enforcement Notices Information Notices Codes of Practice Authorised Officers Presentation Overview

Data Protection -More than just Confidentiality Widespread misconception that DP exists only to ensure confidentiality In fact, confidentiality, although a key issue is only one of the reasons for DP legislation Advent of data-hungry systems and ability for instant transfer of large amounts of data make DP legislation more relevant now than many years ago Legislation exists to ensure personal data is processed in a manner which does not harm the individuals concerned Correct application of the principles will ensure this

The GRA’s Role

Supervisory Authority 21.(1) There shall be a Data Protection Commissioner (“the Commissioner”) who shall be independent in the exercise of his functions under this Ordinance. (2) The Data Protection Commissioner shall be the Gibraltar Regulatory Authority who shall perform the functions conferred by this Ordinance and any regulations enacted under it. Data Protection Ordinance 2004 Part IV Supervisory Authority

1- The Register 22.(1) The Commissioner shall establish and maintain a register (“the Register”) of processing operations and shall make, as appropriate, an entry in the register in respect of each application for registration accepted by the Commissioner. “processing of personal data” (“processing”) means any operation or set of operations which is performed on personal data, whether or not by automatic means, including collecting, storing, recording, organising, consulting, adaptation or alteration, retrieval, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction;

Section 22 (2) Members of the public may– (a)inspect the Register free of charge at all reasonable times and may take copies of, or of extracts from, any entry in the Register; (b)on payment to the Commissioner of any reasonable fee prescribed, obtain from the Commissioner a copy (certified by him or by a member of his staff to be a true copy) of, or of an extract from, any entry in the Register. The Register cont’d

Application for Registration 1. Form DP1A (Notification of Data Controller) 2. ALL processing operations must be registered 3. online (preferable) or manually 4. DC’s need not wait for confirmation from GRA to continue with processing of data 5. In Gibraltar, all DC’s have an OBLIGATION to register (apart from some exceptions written into the Ordinance)

2 - Investigations, Mediation and Compensation Powers granted by virtue of s25 DPO Commissioner may choose to investigate or may cause an investigation following a complaint from an individual Commissioner is to act as mediator in determining whether an individual has suffered damages due to DC acting in contravention of the DPO Aggrieved individuals are due compensation and the amount determined by the Commissioner Appeal on compensation to the Supreme Court

3 - Enforcement Notices Powers granted by virtue of s26 DPO Commissioner may issue Enforcement Notice if he believes a person has contravened the DPO May ask person involved to block, rectify, erase or destroy any of the data concerned “Urgent” Enforcement Notices are provided for and may be enforced by Commissioner if he deems fit

4 - Information Notices Powers granted by virtue of s27 DPO Commissioner may issue Information Notice in order to obtain information required to perform his function under the DPO “Urgent” Information Notices are provided for and may be enforced by Commissioner if he deems fit

5 - Codes of Practice Powers granted by virtue of s28 DPO Commissioner may promote the following of good practices in order that the DPO is complied with The Commissioner shall arrange for the effective dissemination of Community findings, decisions of the European Commission or any other relevant information as regards transfer of personal data to non EEA states The Commissioner shall encourage trade associations to devise codes of practice The Commissioner’s advice may be sought by bodies who prepare codes of practice

Codes of Practice (cont.) The Commissioner will encourage approved Codes of Conduct to be disseminated to data controllers concerned However, Commissioner may disapprove a Code in which case his decision will be communicated to parties involved Codes of practice written by or approved by, the Commissioner will be taken into consideration in any court proceedings

6 - Authorised Officers Powers granted by virtue of s29 DPO The Commissioner may, in writing, authorise persons to exercise the powers conferred to him under s25-29 of the DPO