For documents relating to 'Data Protection - a practical guide to UK and EU law (5th Edition), click here
Data Protection – a practical guide to UK and EU law (6th Edition)
Resources
The following documents, referred to in the 6th Edition of Data Protection – a practical guide to UK and EU law (Oxford University Press), are available for download here:
Chapter 1 The General Data Protection Regulation (GDPR)
Chapter 3 Article 29 Working Party Opinion on the legitimate interests ground for processing personal data within the EU (WP 217)
Chapter 4
Law Enforcement Directive (2016/6802)
Chapter 5
ICO Guidance on Privacy by Design and Default
Chapter 6
Article 29 Working Party Referential on Adequacy (WP254)
Model Contractual Clauses - 2001 controller to controller
Model Contractual Clauses - 2004 controller to controller
Model Contractual Clauses - 2010 controller to processor
Article 29 Working Party Document on BCRs for Controllers (WP256)
Article 29 Working Party Document on BCRs for Processors (WP257)
Please note that some early versions of Edition 6 contained a pre-Schrems II draft of chapter 6.
The new version of Chapter 6 can be downloaded here.
Chapter 7
ICO Detailed Guidance on Subject Access Requests (October 2020)
Article 29 Working Party Guidelines on the right to data portability (WP 242)
Article 29 Working Party Guidelines on the implementation of the Google Spain case
Chapter 9
ICO Checklist for Using Processors
ICO Guidance on Responsibilities when using a Processor
Article 29 Working Party in Opinion 05/12 on Cloud Computing—WP 196
Chapter 11
Article 29 Working Party Guidelines on DPIAs and on determining whether processing is likely to result in a high risk (WP 248)
ICO Guidance on data protection impact assessments
UK Surveillance Camera Commissioner template for conducting DPIAs for surveillance camera systems
Article 29 Working Party Guidelines on automated individual decision-making and profiling (WP251)
ICO Guidance on automated decision-making and profiling
Article 29 Working Party’s Guidelines on Data Protection Officers (WP 243)
Chapter 12
Article 29 Working Party’s Guidelines on Data Protection Officers (WP 243)
Data Protection – a practical guide to UK and EU law (5th Edition)
Resources
The following documents, referred to in the 5th Edition of Data Protection – a practical guide to UK and EU law (Oxford University Press), are available for download here:
Chapter 1 The General Data Protection Regulation (GDPR)
Chapter 2 Article 29 Working Party Opinion on ‘substantially similar’ (WP 203)
Chapter 3 ICO Code of Practice on Privacy Notices, Transparency and Control Article 29 Working Party Opinion on the legitimate interests ground for processing personal data within the EU (WP 217)
Chapter 4 Police and Criminal Justice Directive 2016/680 Data Protection Act 1998 The Data Protection Act 1998 (Commencement) Order 2000 (SI 2000/183) The Data Protection (Corporate Finance Exemption) Order 2000 (SI 2000/184) The Data Protection (Conditions under Paragraph 3 of Part II of Schedule 1) Order 2000 (SI 2000/185) The Data Protection (Functions of Designated Authority) Order 2000 (SI 2000/186) The Data Protection (Fees under section 19(7)) Regulations 2000 (SI 2000/187) The Data Protection (Notification and Notification Fees) Regulations 2000 (SI 2000/188) The Data Protection Tribunal (Enforcement Appeals) Rules 2000 (SI 2000/189) The Data Protection (International Co-operation) Order 2000 (SI 2000/190) The Data Protection (Subject Access) (Fees and Miscellaneous Provisions) Regulations 2000 (SI 2000/191) The Data Protection Tribunal (National Security Appeals) Rules 2000 (SI 2000/206) The Consumer Credit (Credit Reference Agency) Regulations 2000 (SI 2000/290) The Data Protection (Subject Access Modifications) (Health) Order 2000 (SI 2000/413) The Data Protection (Subject Access Modification) (Education) Order 2000 (SI 2000/414) The Data Protection (Subject Access Modification) (Social Work) Order 2000 (SI 2000/415) The Data Protection (Crown Appointments) Order 2000 (SI 2000/416) The Data Protection (Processing of Sensitive Personal Data) Order 2000 (SI 2000/417) The Data Protection (Miscellaneous Subject Access Exemptions) Order 2000 (SI 2000/419) The Data Protection Tribunal (National Security Appeals) (Telecommunications) Rules 2000 (SI 2000/731) The Data Protection (Designated Codes of Practice) (No. 2) Order 2000 (SI 2000/1864) The Data Protection (Miscellaneous Subject Access Exemptions) (Amendment) Order 2000 (SI 2000/1865) The Data Protection (Notification and Notification Fees) (Amendment) Regulations 2001 (SI 2001/3214) The Data Protection (Subject Access) (Fees and Miscellaneous Provisions) (Amendment) Regulations 2001 (SI 2001/3223) The Information Tribunal (Enforcement Appeals) (Amendment) Rules 2002 (SI 2002/2722) The Data Protection (Processing of Sensitive Personal Data) (Elected Representatives) Order 2002 (SI 2002/2905) The Freedom of Information and Data Protection (Appropriate Limit and Fees) Regulations 2004 (SI 2004/3244) The Information Tribunal (National Security Appeals) Rules 2005 (SI 2005/13) The Information Tribunal (Enforcement Appeals) Rules 2005 (SI 2005/14) The Information Tribunal (Enforcement Appeals) (Amendment) Rules 2005 (SI 2005/450) The Data Protection (Subject Access Modification) (Social Work) (Amendment) Order 2005 (SI 2005/467) The Data Protection (Processing of Sensitive Personal Data) Order 2006 (SI 2006/2068) The Data Protection Act 1998 (Commencement No. 2) Order 2008 (SI 2008/1592) The Data Protection (Notification and Notification Fees) (Amendment) Regulations 2009 (SI 2009/1677) The Data Protection (Processing of Sensitive Personal Data) Order 2009 (SI 2009/1811) The Data Protection (Monetary Penalties) (Maximum Penalty and Notices) Regulations 2010 (SI 2010/31) The Tribunal Procedure (Amendment) Rules 2010 (SI 2010/43) The Data Protection (Monetary Penalties) Order 2010 (SI 2010/910) The Data Protection (Processing of Sensitive Personal Data) (Elected Representatives) (Amendment) Order 2010 (SI 2010/2961) The Data Protection Act 1998 (Commencement No. 3) Order 2011 (SI 2011/601) The Data Protection (Subject Access Modification) (Social Work) (Amendment) Order 2011 (SI 1034/2011) The Data Protection (Processing of Sensitive Personal Data) Order 2012 (SI 2012/1978)
Chapter 7 Article 29 Working Party Guidelines on the right to data portability (WP 242)
Chapter 9 ICO Guidance on the difference between data controllers and data processors Article 29 Working Party in Opinion 05/12 on Cloud Computing (WP 196)
Chapter 11 Article 29 Working Party Guidelines on DPIAs and on determining whether processing is likely to result in a high risk under the GDPR (WP248) ICO Code of Practice on Conducting Privacy Impact Assessments ICO’s feedback request on profiling and automated decision-making Article 29 Working Party’s Guidelines on Data Protection Officers (WP243)
Chapter 12 Article 29 Working Party’s Guidelines on Data Protection Officers (WP243)
Chapter 7 Article 29 Working Party Guidelines on the right to data portability (WP 242)
Chapter 9 ICO Guidance on the difference between data controllers and data processors Article 29 Working Party in Opinion 05/12 on Cloud Computing (WP 196)
Chapter 11 Article 29 Working Party Guidelines on DPIAs and on determining whether processing is likely to result in a high risk under the GDPR (WP248) ICO Code of Practice on Conducting Privacy Impact Assessments ICO’s feedback request on profiling and automated decision-making Article 29 Working Party’s Guidelines on Data Protection Officers (WP243)
Chapter 12 Article 29 Working Party’s Guidelines on Data Protection Officers (WP243)
|