Cornerstone on Information Law [Paperback]

  • Format: Paperback / softback, 664 pages, height x width x thickness: 246x156x32 mm, weight: 1080 g
  • Series: Cornerstone on...
  • Publication date: 27-Jun-2019
  • Publisher: Bloomsbury Professional
  • ISBN-10: 178451411X
  • ISBN-13: 9781784514112
Cornerstone on Information Law is aimed at data protection officers and practitioners in Freedom of Information ('FOI')/environmental information; and also at lawyers, who may oversee their work but who are likely to have general rather than specialist knowledge in this area.

FOI/environmental information practitioners are to be found in small teams in most public authorities (eg local and central government, quangos, universities, regulatory bodies). They handle information requests from the public under the Freedom of Information Act 2000 and the Environmental Information Regulations 2004. They have to judge when to disclose and to identify when exemptions are available. They are growing in number and status.

Data protection officers exist in all major organisations across both the public and private sectors. Large organisations manage massive amounts of personal data, about their customers and users, their competitors, or their employees; and even medium-sized companies and bodies have to deal with data protection rules. Data protection officers advise their organisations on the handling of "subject access requests" from individuals to see their personal data, and on internal data management issues such as security and length of retention. They too are growing in number, and will acquire statutory status and an enhanced role within their organisations when the new Data Protection Regulation (which is nearing agreement in the EU) is implemented in the next 2-3 years.

A new EU data protection framework is due to come into effect on 25 May 2018. It takes the form of a Regulation - the General Data Protection Regulation (GDPR). The GDPR will replace the current Directive and will be directly applicable in all Member States without the need for implementing national legislation. Whilst it does not apply until 25 May 2018 it contains some onerous obligations, many of which will take time to prepare for as it will have an immediate impact.

Cornerstone on Information Law is a practical guide focussed on data protection law, freedom of information and environmental information regulations, being one of the first books to take account of the GDPR. It provides practical advice to local authorities and small businesses to assist them with getting ready for the new framework going live.

Reviews

Although there have been commentaries on the subject over the years, comprehensive practical guides covering all aspects of this branch of the law have been scarce on the ground. This book fills the gap admirably...This is a book which no one who has serious responsibilities for information handling can afford to ignore. * The Commonwealth Lawyer *

More information

Cornerstone on Information Law is a practical guide focussed on data protection law, freedom of information and environmental information regulations.

Table of Statutes
Table of Statutory Instruments
Table of European Legislation
Table of Cases
Part 1 Data Protection
Section A Data Protection -- Main Provisions
1 Introduction and Key Points
2 GDPR and Data Protection Act 2018
  The GDPR
  Data Protection Act 2018
  The GDPR and the Act
  Structure and Main Provisions of the Act
  Recitals to the GDPR
  The DPPEC Regulations 2019
3 Definitions in the GDPR and Territorial Scope
  Definitions
  Territorial Scope of the GDPR
  Territorial Scope of the UK Provisions after Brexit
4 Data Protection Principles
  GDPR Data Protection Principles
  The New Accountability Principle
5 Lawful Bases of Processing
  Six Lawful Bases
  LIA Test -- Preliminary Points
  Lawful Bases -- Special Categories
  Exemptions/Lawful Bases in GDPR, Article 9
  Substantial Public Interest Processing
6 Transparency and Privacy Notices
  Transparency
  Privacy Notices
Section B Individual Rights
7 Right of Access
  Meaning of Access Request -- In Summary
  Access Requests in Detail
8 Other Individual Rights
  Right to Rectification -- Articles 16 and 19 (and Recital 65)
  Right to Erasure -- Articles 17 and 19 (and Recitals 65 and 66)
  Right to Restriction of Processing -- Articles 18 and 19 (and Recital 67)
  Right to Data Portability -- Article 20 (and Recital 68)
  Right to Object -- Article 21(1) (and Recital 69)
  Automated Decision-Making, including Profiling -- Article 22 (and Recital 71)
Section C Exemptions
9 Exemptions under the DPA 2018
  Outline of Exemptions
  Exemptions in detail
Section D Types of Data Processing Activity
10 Sharing Personal Data
  ICO Data Sharing Code
11 International Transfers
  'Adequate Level' of Protection
  USA Transfers -- Safe Harbor and Privacy Shield
  Appropriate Safeguards
  Derogations
  Fallback: Non-Repetitive Transfer
  Cross-Border Flows of Data after Brexit
12 Electronic Communications and Marketing
  Privacy and Electronic Communications Regulations
Section E Precautions, Advice and Enforcement
13 Data Protection Impact Assessments
  Background and when to conduct a DPIA
  Conducting a DPIA
  Other issues, including exemptions
14 Data Protection Officer
  Designation of a DPO
  Position of the DPO
  Tasks of the DPO
15 Data Breaches
  Assessing Risk
  Notification to ICO (GDPR, Article 33)
  Notification to Data Subjects (GDPR, Article 34)
16 Enforcement and Appeals
  Information Notices
  Assessment Notices
  Enforcement Notices
  Powers of Entry
  Penalty Notices
  Complaints to ICO and Appeals to Tribunal
  Court Remedies
Section F Law Enforcement Processing
17 Law Enforcement Processing (DPA 2018, Part 3)
  Competent Authorities
  Data Protection Principles
  Rights of Data Subjects
  International Transfers
  Article 10 Processing (by persons other than 'competent authorities')
Part 2 Environmental Information
Section A Introduction, Definition and Comparison with Freedom of Information
18 The Breadth and Importance of Environmental Information
  Background to the EIR
  Relationship of EIR with the FOIA
19 Definition of Environmental Information
  Regulation 2(1)(a) -- Elements of the Environment
  Regulation 2(1)(b) -- Factors Affecting the Elements
  Regulation 2(1)(c) -- Measures Affecting (or Protecting) the Elements or Factors
  Regulation 2(1)(d) -- Reports on the Implementation of Environmental legislation
  Regulation 2(1)(e) -- Cost-benefit and Other Economic Analyses
  Regulation 2(1)(f) -- The State of Human Health and Safety etc
20 Similarities With, and Differences from, FOIA 2000
  Summary of how EIR and FOIA compare
Section B Handling EIR Requests
21 Handling EIR Requests
  Who is Subject to EIR
  Mixed EIR/FOI Requests
  DEFRA Code
  Aggregation of Public Interest Factors
  Presumption in Favour of Disclosure -- Article 12(2)
  Costs and Charges
Section C Exemptions
22 EIR Exceptions 1: Regulation 12(4)
  Information not Held -- Regulation 12(4)(a)
  Request Manifestly Unreasonable -- Regulation 12(4)(b)
  Request too General -- Regulation 12(4)(c)
  Material In Course of Completion etc -- Regulation 12(4)(d)
  Public Interest Test -- Regulation 12(4)(d)
  Internal Communications -- Regulation 12(4)(e)
23 EIR Exceptions 2: Regulation 12(5) and Personal Data
  Harm Test
  Harm to International Relations, Defence, National Security or Public Safety -- Regulation 12(5)(a)
  Course of Justice -- Regulation 12(5)(b)
  Intellectual Property Rights -- Regulation 12(5)(c)
  Confidentiality of Proceedings -- Regulation 12(5)(d)
  Confidentiality of Commercial or Industrial Information -- Regulation 12(5)(e)
  Interests of Voluntary Provider of Information -- Regulation 12(5)(f)
  Harm to the Environment -- Regulation 12(5)(g)
  Personal Data and EIR Requests -- Regulation 13
Part 3 Freedom of Information
24 Duties and Process
  FOI Duties
  Datasets
  Section 45 Code
  Application of Act: Public Authorities
  Charging for Requests: (I) Publication Scheme
  Charging for Requests: (II) Information Requests
  No Duty to Comply: (I) Cost Limit for FOI Requests
  No Duty to Comply: (II) Vexatious or Repeated Requests
  Handling Exemptions and the Public Interest Test
  Internal Review and Appeals
25 Freedom of Information Exemptions 1
  Grouping of FOI Exemptions
  FOI Exemptions (sections 21-29)
26 Freedom of Information Exemptions 2
  FOI Exemptions (sections 30-44)
27 Personal Data in Information Requests
  Introduction
  Outline of FOIA 2000, s 40
  Requester's Own Data, and Joint 'Third Party' Data
  Third Party Data which are not the Data of the Requester
  First condition
  Second condition
  Third condition
  EIR and Personal Data
  FOI/EIR Requests to 'Competent Authorities'
Appendices
Appendix 1 GDPR -- (informal) List of Provisions
Appendix 2 Correlation Table between GDPR Recitals and Articles
Appendix 3 Data Protection Resources
Appendix 4 Environmental Information Regulations ('EIR') Resources
Appendix 5 Freedom of Information Act ('FOIA') Resources
Appendix 6 Re-use of Public Sector Information
Index

Damien Welfare is a barrister at Cornerstone Barristers, who specialises in Information Law. His practice covers advice and representation on complex Data Protection, Freedom of Information (FOI) and Environmental Information Regulations (EIR) matters. He also provides well-received training seminars for Data Protection Officers, FOI or Information Officers, and lawyers in these fields. Damien came to the Bar in 2001, following a career in local government, and became involved in Information Law from the inception of the FOI and EIR regimes in 2005.

Both the seminars, in which he emphasises a practical approach, and his previous experience in the public sector, have informed the book, and the many examples within it. He has a particular interest in the EIR, which he considers have been over-shadowed by the FOI regime despite their importance. Recently, he has focused on the interpretation of the Data Protection Act 2018, and on the proposed future regime for data protection in the UK after Brexit.