Unlawfully obtaining data under the Data Protection Act 1998 [Archived]

Produced in partnership with Professor Dan Hyde of Harrison Clark Rickerbys

Practice notes

Unlawfully obtaining data under the Data Protection Act 1998 [Archived]

Produced in partnership with Professor Dan Hyde of Harrison Clark Rickerbys

Practice notes

Archived: This Practice Note has been archived and is not maintained.

This Practice Note relates to the commission of Data protection offences before 25 May 2018. Where a data protection offence occurred before 25 May 2018, it may still be prosecuted under the Data Protection Act 1998 (DPA 1998) despite the fact that the legislation has been repealed by the Data Protection Act 2018 (DPA 2018). Where an offence is committed on or after 25 May 2018, charges should be considered under DPA 2018. See Practice Note: Offences under the Data Protection Act 2018.

The offences of unlawful obtaining of Personal data under the DPA 1998

Note these offences cannot be committed after 25 May 2018.

DPA 1998 includes various criminal offences that can be prosecuted by the Information Commissioner or the Director of Public Prosecutions, who must give their consent for such prosecutions.

Unlawfully obtaining personal data

DPA 1998, s 55 makes it an offence to unlawfully obtain personal data. It states that a person must not knowingly

Access this content for free with a 7 day trial of LexisNexis and benefit from:

Instant clarification on points of law
Smart search
Workflow tools
42 practice areas

Would you also like a quote?

I confirm I am a lawyer or work in a legal capacity, intend to use LexisNexis products for business purposes and agree with the terms and conditions.^**

^**Trials are provided to all LexisNexis content, excluding Practice Compliance, Practice Management and Risk and Compliance, subscription packages are tailored to your specific needs. To discuss trialling these LexisNexis services please email customer service via our online form. Free trials are only available to individuals based in the UK, Ireland and selected UK overseas territories and Caribbean countries. We may terminate this trial at any time or decide not to give a trial, for any reason. Trial includes one question to LexisAsk during the length of the trial.

Professor Dan Hyde

Partner, HCR Law

Professor Dan Hyde writes, lectures and practises innovative law. A pioneer of the law as it applies to emerging tech he is a leading cybersecurity lawyer and advised the Law Commission on its recent review of cybersecurity and data protection law in the UK. He delivers talks around the World, is a Visiting Professor of Law at Queen Mary, University of London and authored the first UK published books on cybersecurity law and the international regulation and challenges of cryptocurrency and blockchain. He is a partner at Harrison Clark Rickerbys and has been instructed in a number of high profile, ground breaking cases which frequently involve elements of cyber and emerging tech.

An Officer of the International Bar Association he has been described by the Legal 500 as “a lawyer of the highest calibre”. Dan's commentaries have broadcast on national and international television and featured in the national press.

Jurisdiction(s):

United Kingdom

Key definition:

Data protection definition

What does Data protection mean?

In an employment context, this refers to the obligation on an employer to protect the data of its employees and ensure that it complies with the law on how it uses the employees' data.

Unlawfully obtaining data under the Data Protection Act 1998 [Archived]

Produced in partnership with Professor Dan Hyde of Harrison Clark Rickerbys

Unlawfully obtaining data under the Data Protection Act 1998 [Archived]

Produced in partnership with Professor Dan Hyde of Harrison Clark Rickerbys