Data Protection Bill (HL Bill 66)
EXPLANATORY NOTES
Explanatory notes to the Bill, prepared by the Department for Digital, Culture, Media and Sport and the Home Office, are published separately as HL Bill 66—EN.
EUROPEAN CONVENTION ON HUMAN RIGHTS
Lord Ashton of Hyde has made the following statement under section 19(1)(a) of the Human Rights Act 1998:
In my view the provisions of the Data Protection Bill [HL] are compatible with the Convention rights.
Contents
-
Part 1
Preliminary
-
Part 2
General processing
-
Chapter 1
Scope and definitions
-
Chapter 2
The GDPR
-
Meaning of certain terms used in the GDPR
-
Lawfulness of processing
-
Special categories of personal data
-
Rights of the data subject
-
Restrictions on data subject's rights
-
Accreditation of certification providers
-
Transfers of personal data to third countries etc
-
Specific processing situations
-
-
Chapter 3
Other general processing
-
Scope
-
Application of the GDPR
-
Exemptions etc
-
-
-
Part 3
Law enforcement processing
-
Chapter 1
Scope and definitions
-
Chapter 2
Principles
-
Chapter 3
Rights of the data subject
-
Overview and scope
-
Information: controller's general duties
-
Data subject's right of access
-
Data subject's rights to rectification or erasure etc
-
Automated individual decision-making
-
Supplementary
-
-
Chapter 4
Controller and processor
-
Overview and scope
-
General obligations
-
Obligations relating to security
-
Obligations relating to personal data breaches
-
Data protection officers
-
-
Chapter 5
Transfers of personal data to third countries etc
-
Overview and interpretation
-
General principles for transfers
-
Transfers to particular recipients
-
Subsequent transfers
-
-
Chapter 6
Supplementary
-
-
Part 4
Intelligence services processing
-
Chapter 1
Scope and definitions
-
Scope
-
Definitions
-
-
Chapter 2
Principles
-
Overview
-
The data protection principles
-
-
Chapter 3
Rights of the data subject
-
Overview
-
Rights
-
-
Chapter 4
Controller and processor
-
Overview
-
General obligations
-
Obligations relating to security
-
Obligations relating to personal data breaches
-
-
Chapter 5
Transfers of personal data outside the United Kingdom
-
Chapter 6
Exemptions
-
-
Part 5
The Information Commissioner
-
The Commissioner
-
General functions
-
International role
-
Codes of practice
-
Consensual audits
-
Information provided to the Commissioner
-
Fees
-
Charges
-
Reports etc
-
-
Part 6
Enforcement
-
Information notices
-
Assessment notices
-
Enforcement notices
-
Powers of entry and inspection
-
Penalties
-
Guidance
-
Appeals
-
Complaints
-
Remedies in the court
-
Offences relating to personal data
-
The special purposes
-
Jurisdiction of courts
-
Definitions
-
-
Part 7
Supplementary and final provision
-
Regulations under this Act
-
Changes to the Data Protection Convention
-
Rights of the data subject
-
Offences
-
The Tribunal
-
Definitions
-
Territorial application
-
General
-
Final
-
-
-
Special categories of personal data and criminal convictions
etc data -
-
Adaptations and restrictions based on Articles 6(3) and 23(1)
-
Restrictions based on Article 23(1): Restrictions of rules in
Articles 13 to 21 -
Restriction based on Article 23(1): Protection of rights of others
-
Restrictions based on Article 23(1): Restrictions of rules in
Articles 13 to 15 -
Exemptions etc based on Article 85(2) for reasons of freedom
of expression and information -
Derogations etc based on Article 89 for research, statistics and
archiving
-
-
Exemptions etc from the GDPR: health, social work, education
and child abuse data -
Exemptions etc from the GDPR: disclosure prohibited or
restricted by an enactment -
Accreditation of certification providers: reviews and appeals
-