Overview of UK Privacy Law, Part-2

Purpose of Data Protection Act 2018

The preamble of this act is clear and says that the Data Protection Act has been enacted to make the provisions for the regulation of the processing of information relating to individuals, make provisions in connection with the Information Commissioner’s functions under certain regulations relating to information, make provisions for a direct marketing code of practice and for connected purposes. So the preamble of Data Protection Act 2018 is clear about its purposes and it mentions about the following three things-

  1. Act is enacted to make the provisions for the regulation of the Processing of Information
  2. Make provisions about the Information Commissioner’s functions
  3. make provisions for a direct Marketing code of practice    
  4. any other connected/incidental purposes 

The act further clarifies some points, purposes under part 1 of the Act and gives an overview about the act, and they are –

  1. The Data Protection Act makes provision about the processing of personal Data
  2. Most of the processing of personal data is subject to the GDPR
  3. Part 1 of the Act is preliminary and provides an overview of the act and terms used therein
  4. Part 2 of the Act deals with general processing which covers scope and definitions 
  5. Part 3 deals with law enforcement processing containing total 6 chapters therein 
  6. Part 4 of the Act deals with the topic Intelligence Services Processing 
  7. Part 5 of the Act deals with the provisions related to the Information Commissioner 
  8. Part 6 deals with enforcement provisions 
  9. Part 7 states of Supplementary and Final Provisions 

Miscellaneous details about the UK Privacy world

After dealing with total 7 parts it is must to note that there are a total 20 schedules in the act which further provides some regulations, clarifications and throws some light on the provisions mentioned under Data Protection Act.

It is pertinent to note that the Applied GDPR herein means that the GDPR as applied by chapter 3 of Part 2 and when reference is given to GDPR then it means the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016. 

The UK has varied GDPR by implementing its own meaning, methods, definition etc. the law should be read as in GDPR but qualified by the modified/varied terms and meaning of Data Protection Act 2018.

Picture credit- https://ico.org.uk/