At present, many human activities require people daily information and transmit or exchange some of their personal data, so it is necessary to work on the importance to the people the proper use, collection and transmission of personal information. Today, a growing number of companies use a database of its customers; company employees have full access to the personal data of clients (Lloyd, 2008, 7). Not surprisingly, the development of information technology and the proliferation of Internet experts on personal data protection are faced with an increasing amount of leakage of personal data from hackers and insiders. Therefore, the protection of personal data in organizations is not only a legal obligation, but also urgently needed. The data protection aims to ensure the privacy of individuals, the guard or protection of their privacy, which is the real possibility of controlling the use and purpose for which they are addressed relative to each individual and the power to oppose their use, preventing this information serves purposes not accepted by the owner (Davies, 2000, 114). In this paper, we are going to discuss a case regarding transfer to personal information unlawfully.
Briefly identify and explain the basis behind the area of law that covers the legal issues arising out of the case study
Protection of data varies from law to law, but European Union has most appropriate and efficient data protection law as compared to any other region this world. The law consists of strict penalties for the person who violets the law. Legal issue covered in this case is followed by Data Protection Act. The rationale behind this reason is that this law regulates the use of personal data processed by any organization. The 1998 Act covers all data collection or processing that is in any sense organised - by electronic or other means - and this includes personal data recorded on audio or videotape, so UK data protection is now extended to all research methodologies - quantitative and qualitative. The UK Act (the DPA) took a minimalist approach and came fully into force on 23 October 2001 (Elbra, 2004, 66). Like the Human Rights Act and market research codes of conduct, the DPA is principles-based and therefore, open to interpretation.
That interpretation is ultimately the responsibility of the Information Commission but has been influenced by direct and detailed discussions between the Commission and a market research industry taskforce in which the MRS (Market Research Society) and AQR (Association of Qualitative Research) were represented. Most qualitative researchers and recruiters will need to notify with (or register) with the Information Commission as they will be "controlling" personal data (Chalton, 2008, 77). On of the rationale behind choosing this law is that Susan and Peter both breached principles of this law. There are eight data protection principles enshrined in the Act that can be broadly summarised as:
Personal data must be processed fairly and lawfully.
Personal data can only be used for the specified and lawful purposes for which they were ...