2 part i and sections 7 18 22 23 25 1 26 and 28 came into operation on the 6th january 2012.
Breach section 55 data protection act.
1 this act may be cited as the data protection act.
Section 55 was most often used to prosecute those who had accessed healthcare and financial records without a legitimate reason.
Section 170 of the act builds on section 55 dpa 1998 which criminalised knowingly or recklessly obtaining disclosing or procuring personal data without the consent of the data controller and the.
There are changes that may be brought into force at a future date.
Under section 55 of the dpa a person who obtains personal data knowingly or recklessly without the consent of the data controller is potentially guilty of a criminal offence.
The ico brought the prosecution under section 55 dpa which provides a person must not knowingly or recklessly without the consent of a data controller obtain or disclose personal data or the information contained in personal data or procure the disclosure to another person of the information contained in personal data.
Data protection act an act to provide for the protection of personal privacy and information.
The previous data protection act the dpa 1998 criminalised knowingly or recklessly obtaining disclosing or procuring personal data without the consent of the data controller and the sale or offering for sale of that data section 55.
Sections 55a to 55e of the data protection act 1998 provide the commissioner with the power to serve a monetary penalty in the case of a data breach.
Practical law coverage of this primary source reference and links to the underlying primary source materials.
Section 55 data protection act 1998.
Data protection act 1998 section 55 is up to date with all changes known to be in force on or before 18 september 2020.
Report an unlawful use of personal data this form is for data controllers to report that data has been unlawfully obtained or disclosed a breach of section 55 of the data protection act to the ico.
Section 55a states that if there has been a serious contravention of the data protection principles the commissioner may serve the data controller with a monetary penalty notice.