Part 5 The Information Commissioner (ss 114-141)
Part 5 The Information Commissioner (ss 114-141)

114 The Information Commissioner

(1)     There is to continue to be an Information Commissioner.

(2)     Schedule 12 makes provision about the Commissioner.

115 General functions under the GDPR [UK GDPR] and safeguards

(1)     The Commissioner is to be the supervisory authority in the United Kingdom for the purposes of Article 51 of the GDPR.

(2)     General functions are conferred on the Commissioner by—

(a)     Article 57 of the GDPR [UK GDPR] (tasks), and

(b)     Article 58 of the GDPR [UK GDPR] (powers),

(and see also the Commissioner's duty under section 2 [and section 28(5)]).

(3)     The Commissioner's functions in relation to the processing of personal data to which the GDPR [UK GDPR] applies include—

(a)     a duty to advise Parliament, the government and other institutions and bodies on legislative and administrative measures relating to the protection of individuals' rights and freedoms with regard to the processing of personal data, and

(b)     a power to issue, on the Commissioner's own initiative or on request, opinions to Parliament, the government or other institutions and bodies as well as to the public on any issue related to the protection of personal data.

(4)     The Commissioner's functions under Article 58 of the GDPR [UK GDPR] are subject to the safeguards in subsections (5) to (9).

(5)     The Commissioner's power under Article 58(1)(a) of the GDPR [UK GDPR] (power to require a controller or processor to provide information that the Commissioner requires for the performance of the Commissioner's tasks under the GDPR [UK GDPR]) is exercisable only by giving an information notice under section 142.