Documents

 

Data Protection: A Practical Guide to UK and EU Law (5th Edition) Data Protection – a practical guide to UK
and EU law
(5th Edition)

 

Resources

The following documents, referred to in the 5th Edition of Data Protection – a practical guide to UK and EU law (Oxford University Press), are available for download here:

 

Chapter 1
The General Data Protection Regulation (GDPR)

 

Chapter 2
Article 29 Working Party Opinion on ‘substantially similar’ (WP 203)

 

Chapter 3
ICO Code of Practice on Privacy Notices, Transparency and Control
Article 29 Working Party Opinion on the legitimate interests ground for processing personal data within the EU (WP 217)

 

Chapter 4
Police and Criminal Justice Directive 2016/680
Data Protection Act 1998
The Data Protection Act 1998 (Commencement) Order 2000 (SI 2000/183)
The Data Protection (Corporate Finance Exemption) Order 2000 (SI 2000/184)
The Data Protection (Conditions under Paragraph 3 of Part II of Schedule 1) Order 2000 (SI 2000/185)
The Data Protection (Functions of Designated Authority) Order 2000 (SI 2000/186)
The Data Protection (Fees under section 19(7)) Regulations 2000 (SI 2000/187)
The Data Protection (Notification and Notification Fees) Regulations 2000 (SI 2000/188)
The Data Protection Tribunal (Enforcement Appeals) Rules 2000 (SI 2000/189)
The Data Protection (International Co-operation) Order 2000 (SI 2000/190)
The Data Protection (Subject Access) (Fees and Miscellaneous Provisions) Regulations 2000 (SI 2000/191)
The Data Protection Tribunal (National Security Appeals) Rules 2000 (SI 2000/206)
The Consumer Credit (Credit Reference Agency) Regulations 2000 (SI 2000/290)
The Data Protection (Subject Access Modifications) (Health) Order 2000 (SI 2000/413)
The Data Protection (Subject Access Modification) (Education) Order 2000 (SI 2000/414)
The Data Protection (Subject Access Modification) (Social Work) Order 2000 (SI 2000/415)
The Data Protection (Crown Appointments) Order 2000 (SI 2000/416)
The Data Protection (Processing of Sensitive Personal Data) Order 2000 (SI 2000/417)
The Data Protection (Miscellaneous Subject Access Exemptions) Order 2000 (SI 2000/419)
The Data Protection Tribunal (National Security Appeals) (Telecommunications) Rules 2000 (SI 2000/731)
The Data Protection (Designated Codes of Practice) (No. 2) Order 2000 (SI 2000/1864)
The Data Protection (Miscellaneous Subject Access Exemptions) (Amendment) Order 2000 (SI 2000/1865)
The Data Protection (Notification and Notification Fees) (Amendment) Regulations 2001 (SI 2001/3214)
The Data Protection (Subject Access) (Fees and Miscellaneous Provisions) (Amendment) Regulations 2001 (SI 2001/3223)
The Information Tribunal (Enforcement Appeals) (Amendment) Rules 2002 (SI 2002/2722)
The Data Protection (Processing of Sensitive Personal Data) (Elected Representatives) Order 2002 (SI 2002/2905)
The Freedom of Information and Data Protection (Appropriate Limit and Fees) Regulations 2004 (SI 2004/3244)
The Information Tribunal (National Security Appeals) Rules 2005 (SI 2005/13)
The Information Tribunal (Enforcement Appeals) Rules 2005 (SI 2005/14)
The Information Tribunal (Enforcement Appeals) (Amendment) Rules 2005 (SI 2005/450)
The Data Protection (Subject Access Modification) (Social Work) (Amendment) Order 2005 (SI 2005/467)
The Data Protection (Processing of Sensitive Personal Data) Order 2006 (SI 2006/2068)
The Data Protection Act 1998 (Commencement No. 2) Order 2008 (SI 2008/1592)
The Data Protection (Notification and Notification Fees) (Amendment) Regulations 2009 (SI 2009/1677)
The Data Protection (Processing of Sensitive Personal Data) Order 2009 (SI 2009/1811)
The Data Protection (Monetary Penalties) (Maximum Penalty and Notices) Regulations 2010 (SI 2010/31)
The Tribunal Procedure (Amendment) Rules 2010 (SI 2010/43)
The Data Protection (Monetary Penalties) Order 2010 (SI 2010/910)
The Data Protection (Processing of Sensitive Personal Data) (Elected Representatives) (Amendment) Order 2010 (SI 2010/2961)
The Data Protection Act 1998 (Commencement No. 3) Order 2011 (SI 2011/601)
The Data Protection (Subject Access Modification) (Social Work) (Amendment) Order 2011 (SI 1034/2011)
The Data Protection (Processing of Sensitive Personal Data) Order 2012 (SI 2012/1978)

 

Chapter 7
Article 29 Working Party Guidelines on the right to data portability (WP 242)

 

Chapter 9
ICO Guidance on the difference between data controllers and data processors
Article 29 Working Party in Opinion 05/12 on Cloud Computing (WP 196)

 

Chapter 11
Article 29 Working Party Guidelines on DPIAs and on determining whether processing is likely to result in a high risk under the GDPR (WP248)
ICO Code of Practice on Conducting Privacy Impact Assessments
ICO’s feedback request on profiling and automated decision-making
Article 29 Working Party’s Guidelines on Data Protection Officers (WP243)

 

Chapter 12
Article 29 Working Party’s Guidelines on Data Protection Officers (WP243)