The Data Protection Act and Role of the Information Commissioner in this Act - Coursework Example

Briefly identify and explain the rationale behind the area of law that covers the legal issues arising out of the case study? Since information is delicate especially personal data about users or employees for instance students in our case, the laws barring unauthorized users from access to, and obtaining personal data without the owners’ authority is illegal and punishable under the eight principle laws of data handling and management (Bell, 2001). Appointing Susan to be the president was enough to determine how important is the portfolio, since it would not be possible to entrust a stranger with such a daunting task of maintaining the integrity and security of college data which would dictate the lives of many students pursuing respective courses (Van, 2005). However, moving with the information that belongs to the University in a personal purse especially in a bar is another offense apart from leaving it behind in a bar since the information content which is of high value to the University would be compromised (Van, 2005). When not on official duty, it is adept to leave behind any information and materials that belongs to college. This information does not only apply to college situation, but also other place of work since at one moment an individual would either lose all data due to ignorance and malice. Since ignorance has got no defense, Susan should not be proud of backing up information when she just walks with the backup files anyhow, back up should be protected and kept at the most preferred place (Bell, 2001). What are the main principles of the Data Protection Act that Susan has breached? Processing the data outside the rights of data subject under the act is wrong. For instance Susan processed the data for Peter to use outside the organizational act for his business purpose. This is unlawful and both Susan and Peter should face the law for infringing the sixth principle law of personal data act (Bainbridge, 2001). Susan should be penalized; she went against the seventh principle which states that organizational measures shall be taken against unauthorized processing of personal data. Hence, on admitting to pocket the £1000, she already compromised organization’s data integrity (Miller, 2011). As the president, everyone had to blame Susan for the fault being that she was the sole authority responsible for data security and integrity within the organization. Since she breached the second principle law that governs personal data, nobody should alter the sole purpose of the data (Bell, 2001). In addition, confirming the second and third principles of data protection which Susan did not adhered to stresses on the use of personal data, which should be in a manner compatible with the purpose and reasons as to why the data was stored in the database system. She would not have released any personal data since the information Peter intended to convey was not relevant to the organization and the respective purpose for using the information (Van, 2005). Having leaked personal information of the students and colleges within the university to Peter who operates from an external entity, electronic information can be sent to any part of the world. Susan breached the eighth principle of data protection which states that data should only be used within the European economic area; this restriction is based on level of information security (Miller, 2011). To affirm the statement, we realize that not only junk mails were received by her colleges but also the database system that runs the university programs was hacked. Hacking would only result when information regarding a system is leaked to the interested parties who would act with malice to compromise the organization (Bainbridge, 2001). What are the main principles of the Data Protection Act that Peter has breached? Peter acted against the second principle law of data handling since he obtained personal data unlawfully from Susan for a different purpose from what the data was meant for hence causing alarm on how junk advertisement data is being received by the members of a computer society (Bainbridge, 2001). Peter had known that it is an offense to obtain personal data without authority from the owner, in order for him to be able to receive personal information of the members within the organization he had to bribe Susan. Bribe is an offense punishable hence both of them unlawfully transacted personal information from the organization (Miller, 2011). Contacting people through their personal contacts without request for acknowledgement is an offense and breach to personal information. However, through convincing approach, he would have gained trust in Susan hence strategize on a better way through which Susan would mobilize the parties to meet and discuss further their issues (Van, 2005). The fifth principle of data protection also bars individuals from storing personal data for longer than necessary. This implies that Peter did not only acquire the personal information and use for the wrong purpose but also stored personal data for longer than the required duration. In addition, he disobeyed the eighth principle since he requested for data transfer from a territory outside the university (Van, 2005). This would compromise the integrity of the personal data obtained since the information would have been used anonymously to commit offenses anywhere in the world. Such malicious perceptions are possible since the invention and innovation of information technology which entails myriad of data mining and manipulation strategies (Miller, 2011). How could Susan have passed on the personal data of members to Peter lawfully? Personal data should be kept personal as the term dictates since it calls for probing questions like how, who, what and the reasons why an individual should release personal data (Bell, 2001). Susan would have considered engaging Peter in direct conversation to get the insight of the whole issue in order to be able to convince the respective students and users. However, through such approach Susan would have realized the interested parties in the advertisement; after conferring with the account owners on the possibility of either submitting their personal data to Peter of introducing them to him to enhance direct conversation about selling his advertisement slogans (Bainbridge, 2001). This would have been appropriate for both parties since Peter would not waste time sending junk mails irrespective of the receivers’ perception towards the same, and also Susan would not have compromised personal information from the University (Van, 2005). Briefly explain the role of the Information Commissioner in relation to the Data Protection Act? Information commissioner is responsible for many issues within the data protection act which are not limited to approving customer information in accordance with the instruction required. However, the commissioner is authorized to process customer’s personal data for the purpose of, and in accordance with the agreed service under the outsourced contract (Van, 2005). Ensuring that both the organizational and technical measures are put in place to protect customer information against unlawful access of authorization, disclosure or processing of data in a way that would compromise personal information. As a commissioner, an officer is able to decide on the use of customer’s personal data with options for suggesting and dictating both sources and uses of data (Bell, 2001). However, the commissioner is also able to perform activities outside the agreed scope and customer instruction as well as using the customer data for his/ her own product development, research or any other purpose that is appropriate (Bainbridge, 2001). References Bainbridge, D.I, 2001, Introduction to Information Technology Law Sixth Ed, Pearson Longman Bell, D., 2001, An Introduction to Cybercultures, London: Routledge. Miller, 2011, Understanding Digital Culture, Sage Van Dijk, J., 2005, The Network Society: Social Aspects of New Media, Second Edition, London: SAGE Publications Read More