Q&As

Does the publishing of notaries personal details on a faculty office website breach the provisions of the Data Protection Act 1998?

read titleRead full title
Published on LexisPSL on 27/06/2017

The following Information Law Q&A provides comprehensive and up to date legal information covering:

  • Does the publishing of notaries personal details on a faculty office website breach the provisions of the Data Protection Act 1998?
  • Obligations under the DPA 1998
  • Fair processing
  • Conditions for processing

Any analysis of compliance with the Data Protection Act 1998 (DPA 1998) is likely to involve a consideration of whether the relevant data subjects have been informed how their data will be processed (including how their data may be shared) by the data controller and whether consent has been given.

Publication of personal data on a website, and making that data available on a downloadable spreadsheet, are likely to constitute separate processing activities. To mitigate the risk of a breach of the DPA 1998, it would need to be demonstrated that the requirements described below are met in respect of all processing undertaken by the data controller.

Obligations under the DPA 1998

The DPA 1998 obliges data controllers handling personal data to comply with eight core data protection principles (see Practice Note: Data protection principles under the DPA 1998). The first data protection principle set out in DPA 1998, Sch 1, Pt I requires data controllers processing personal data to:

  1. process that personal data fairly and lawfully; and

  2. meet at least one of the conditions for processing in DPA 1998, Sch 2

In this context, ‘processing’ includes the di

Related documents:

Popular documents