Data Protection Act: Section 35

Part 35 Disclosures required by law or made in connection with legal proceedings 

(1) Personal data are exempt from the non-disclosure provisions where the disclosure is required by or under any enactment, by any rule of law or by the order of a court.

(2) Personal data are exempt from the non-disclosure provisions where the disclosure is necessary—

(a) for the purpose of, or in connection with, any legal proceedings (including prospective legal proceedings), or

(b) for the purpose of obtaining legal advice,

or is otherwise necessary for the purposes of establishing, exercising or defending legal rights.

Data Protection Act: Section 27

Section 27 Data Protection Act

(1) References in any of the data protection principles or any provision of Parts II and III to personal data or to the processing of personal data do not include references to data or processing which by virtue of this Part are exempt from that principle or other provision.

(2) In this Part “the subject information provisions” means—

(a) the first data protection principle to the extent to which it requires compliance with paragraph 2 of Part II of Schedule 1, and

(b) section 7.

(3) In this Part “the non-disclosure provisions” means the provisions specified in subsection (4) to the extent to which they are inconsistent with the disclosure in question.

(4) The provisions referred to in subsection (3) are—

(a) the first data protection principle, except to the extent to which it requires compliance with the conditions in Schedules 2 and 3,

(b) the second, third, fourth and fifth data protection principles, and

(c) sections 10 and 14(1) to (3).

(5) Except as provided by this Part, the subject information provisions shall have effect notwithstanding any enactment or rule of law prohibiting or restricting the disclosure, or authorising the withholding, of information.

Data Misuse: Examples of Police Data Misuse

Below are examples of the police misusing data. While the list is, thankfully, small, two things must be remembered:

Firstly the list only contains examples of police misusing data AND getting caught AND being arrested/convicted AND it being reported AND it being based in the UK AND being listed on this site  – this is a is a very limiting Boolean statement.

Secondly, the intent is not to show that the police are 100% corrupt, or imply that they are all taking backhanders, the list merely shows that these incidents occur and that data is not 100% safe with any organization. People are faliable and make errors, both in data handling and in judgment.

Examples of Police Data Misuse in the UK

Data Theft: Parliment

With the recent expose of politicians expenses, which came from a person taking data from Parliment, MPs want this leak stopped, and have apparently approached the police to investigate.

But, according to the Times, the in house legal team for parliament have told MPs that there is not a criminal offense, but rather a breach of contract.

This is wise advice, following the debacle of Damien Green.

The reason is that Section 55 of the data protection act, which effectively criminalizes data “theft” [strictly speaking its not theft, as no property has been stolen], has a provision that allows for data to be leak for public benifit. Section 55(2) (a) of the DPA  states that it is not an offence to if to take the data if in “the particular circumstances the obtaining, disclosing or procuring was justified as being in the public interest.” In addition to this the Data Protection Act was amended by Criminal Justice and Immigration Act, allowing leaking of information for journalistic purposes

Leaking of information can often have a benefit to a community, and thankfully UK law recognizes this, and the MPs are now realizing this.

As data about MPs is leaked, this once again reminds us why too much data about you, stored about the government, even if its technically legal (most expenses are “within the rules”) is not a good idea.
the person who duplicated the vast volume of MPs’ invoices and other material had committed a breach of contract but not a criminal offence.

UK Law: Madoff Data

In an unusual, but not unsurprising move, the UK courts have allowed Madoff data to be sent to the US for further investigation.

Bernie Madoff, who was recently sent to prison for the $65 billion fraud, had companies in the UK as well as the US. The  liquidator in thies case Irving Pickard has requested specific data to be sent to the US, which the judge has allowed, but has not allowed all of the data to go, in a blanket ruling.

In the UK the data protection act prevents data from being sent out of the EU (under the 8th principle), unless there are adequate safe guards. There are exceptions, as there are with all laws, one of these is that if it is in the public interest the data should be allowed to move.


Get every new post delivered to your Inbox.

Join 29 other followers