How is the law on Data Protection changing?

The General Data Protection Regulations (GDPR) will apply in the UK from 25th May 2018.

The government has confirmed that the UK’s decision to leave the EU will not affect their commencement.

They apply to ‘controllers’ and ‘processors’. The controller says how and why personal data is processed and the processor acts on the controller’s behalf. If you are currently subject to the Data Protection Act, it is likely that you will also be subject to the GDPR.

If you are a processor, the GDPR places specific legal obligations on you; for example, you are required to maintain records of personal data and processing activities. You will have significantly more legal liability if you are responsible for a breach. These obligations for processors are a new requirement under the GDPR.

However, if you are a controller, you are not relieved of your obligations where a processor is involved – the GDPR places further obligations on you to ensure your contracts with processors comply with the GDPR.

Read more…

Where do I register copyright?

Copyright protects your work and stops others from using it without your permission.

There isn’t an “official” register of copyright works in the UK, unlike Trade Marks.

You get copyright protection automatically, you don’t have to apply or pay a fee, when you create:

  • original literary, dramatic, musical and artistic work, including illustration and photography
  • original non-literary written work, such as software, web content and databases
  • sound and music recordings
  • film and television recordings
  • broadcasts
  • the layout of published editions of written, dramatic and musical works

There are other ways of protecting Intellectual Property. Read more…

What will happen with the law as Britain leaves the EU?

Much of the UK’s current legislation is derived from the European Union. When the UK leaves the EU there needs to be a level of continuity. To provide this the Government intends to introduce the Great Repeal Bill which will do three things:

  1. Repeal the European Communities Act 1972. This legislation provides legal authority for EU law to have effect as national law in the UK. This will no longer be the case after Brexit.
  2. Bring all EU laws onto the UK statute books. This means that laws and regulations made over the past 40 years while the UK was a member of the EU will continue to apply after the Prime Minister triggered Article 50 on 29 March.
  3. Create powers to make secondary legislation. Technical problems will arise as EU laws are put on the statute book. For instance, many EU laws mention EU institutions in which the UK will no longer participate after Brexit, or mention “EU law” itself, which will not be part of the UK legal system after Brexit. There will not be time for Parliament to scrutinise every change, so the bill will give ministers some powers to make these changes by secondary legislation, which is subject to less scrutiny by MPs.

Do I really need to register to hold personal data?

The Data Protection Act 1998 requires everyone  (e.g. organisations, sole traders, etc) that process personal information (data controllers) to register with the Information Commissioner’s Office (ICO), unless they are exempt.

On the Information Commissioner’s website is a registration self assessment which takes about 5 minutes to complete. By going through the questions you will be able to decide if you – as an individual or on behalf of your business or organisation – need to register with the ICO.

Start the registration self assessment. (this is a link to the  ICO website)

As a retailer do I have to charge the price advertised on goods?

This is an interesting question which the group I was in debated at the F2 Business Huddle on Friday 10th February 2017.

Funnily enough on 13th February the BBC reported that customers of a large retail brand are being overcharged by out of date offers read more…

Without going into too much detail of contract law, the price marked on goods is called an invitation to treat. The customer offers an amount of money which may be accepted by the retailer (or it may not). Of course, if the customer’s offer is the same as the amount marked on the goods the retailer is more likely to accept it, but the important point is that they don’t have to.

That is why a retailer is perfectly correct to refuse to sell a 50″ Flat Screen TV which has been mis-priced at £49.99 when it should be £349.99. What they should do is withdraw it from sale rather than just charging the higher price. Because if the retailer charges more than the price marked on the goods then they may breach The Consumer Protection from Unfair Trading Regulations 2008. This is also the case when the till is programmed with a higher price to that marked on the goods.

Do remember that, although not often used in retail shops in the UK, haggling is perfectly feasible.

How can I find out if a business is authorised by the Financial Conduct Authority?

The Financial Conduct Authority (FCA) is the conduct regulator for 56,000 financial services firms and financial markets in the UK and the prudential regulator for over 24,000 of those firms. This includes authorising Consumer Credit (including hire) Business.

The public register of authorised businesses can be found here.

What are the potential consequences of unlicensed credit trading?

Carrying out unauthorised credit business is an offence punishable by up to two years imprisonment or a fine or both. It can also mean that any agreements made are unenforceable and can be taken into consideration if an application for authorisation is made.

An individual carrying out a consumer credit business, appeared at Westminster Magistrates Court on 17th January 2017 charged with offences under the Consumer Credit Act 1974 and the Financial Services and Markets Act 2000. The case was sent to Southwark Crown Court for trial, and a Plea and Trial Preparation Hearing is provisionally listed to be heard on 14 February 2017.

It was alleged that the individual operated as an unlicensed consumer credit lender and conducted regulated activity without authorisation by entering into and administering regulated credit agreements as a lender. This type of financial service was licensed by the Office of Fair Trading (OFT) until 1 April 2014, when it became regulated by the Financial Conduct Authority (FCA).

This is the first time that the FCA has taken criminal action in a case related to its consumer credit powers.

 

 

 

 

 

What activities are regulated by the Data Protection Act?

The Act regulates the processing of personal data. Processing means:

Obtaining it

Recording it

Holding it

Carrying out any operation on it including:

(a) organising, adapting or altering it

(b) retrieving, consulting or using it

(c) disclosing it by transmission, dissemination or otherwise making it available, or

(d) aligning, combining, blocking, erasing or destroying it.

If you have concerns about compliance with the Data Protection Act our Data Protection MOT may be just for you. Read more…

What is sensitive personal data?

Sensitive personal data means personal data consisting of information as to –

(a) the racial or ethnic origin of the data subject,

(b) their political opinions,

(c ) their religious beliefs or other beliefs of a similar nature,

(d) whether they are a member of a trade union (within the meaning of the Trade Union and Labour Relations (Consolidation) Act 1992),

(e) their physical or mental health or condition,

(f) their sexual life,

(g) the commission or alleged commission by them of any offence, or

(h) any proceedings for any offence committed or alleged to have been committed by them, the disposal of such proceedings or the sentence of any court in such proceedings.

If you have concerns about compliance with the Data Protection Act our Data Protection MOT may be just for you. Read more…