
Establishing whether information is being fairly and lawfully processed
Schedule 1 (Principle 1) outlines that personal data must be processed
fairly and lawfully and shall not be processed unless at least one of the
following six conditions in Schedule 2 is met:
or where the processing is necessary for
the performance of a contract with the individual concerned
the exercise of a legal obligation
the protection of the vital interests of the individual concerned
the exercise of a public function
the purposes of legitimate interests pursued by you or a third party that
do not outweigh the rights and freedoms of the individual concerned.
The majority of crime reduction disclosures will comply with Schedule 2 because
they constitute a public function. Section 17 of the Crime & Disorder Act 1998 provides
a general duty on Local and Police Authorities, and Joint National Parks and the
Broads Authorities to do all that they reasonably can to prevent crime &
disorder in their locality.
Schedule 3 of the Data Protection Act covers the processing of information
that falls into the sensitive personal data category. Such processing should
only proceed when one of the conditions in Schedule 3 is also met.
Processing may take place:
or where it involves
compliance with a legal duty
the protection of the vital interests of the individual
certain non-profit making bodies
the information has been deliberately put in the public domain by the individual
concerned
exercising legal rights
carrying out crown, ministerial or statutory functions
for medical purposes by a health professional or similar
racial or ethnic monitoring for equal opportunities purposes
the personal data are processed in circumstances specified by order,
namely the Data Protection (P of SPD) Order 2000, including when the
processing is necessary for the exercise of any functions conferred on a
Constable by any rule of law and also where certain processing is necessary
for the purposes of the prevention or detection of any unlawful act, where
seeking the consent of the data subject to the processing would prejudice
those purposes.
Exemptions from certain provisions of the Data Protection Act exist, but
the requirements to comply with the conditions of Schedules 2 & 3 as
outlined in the first Data Protection Principle still apply. Disclosures
may be partially exempt from the first Data Protection Principle of fair and lawful
processing and other non-disclosure provisions. They may also be exempt
from the requirement to provide information to the individual to whom the
details relate.
Exemptions outlined in Sections 29(1), 29(2) and 29(3) of the Data Protection
Act may apply where non-disclosure would be likely to prejudice:
the prevention or detection of crime
the apprehension or prosecution of offenders
the assessment or collection of any tax or duty or of any imposition of a similar
nature
the discharge of statutory functions
the assessment of risk in the disbursement of public funds (fraudulent use
of public funds)
or
where the disclosure is required by law, a court order or for prospective
legal proceedings
where disclosure is urgently required to prevent injury or damage to the health
of any person.
These will incorporate a number of crime reduction activities, although they are
not total exemptions and only apply where the purpose of using the information would
be likely to be prejudiced. The exemptions do not permit disclosure of irrelevant information
relating to an individual, and disclosure must always involve the minimum amount of
information necessary for the purpose, which must be consistent with one of the exemptions
above.
The Information Commissioner advises that exemptions should be considered on a
case-by-case basis. The Commissioner also advises that in determining whether a failure
to disclose would prejudice one of these purposes, there would need to be a substantial
chance rather than a mere risk that the purpose would be prejudiced. It should
also be stressed that these exemptions apply to organisations outside
the public sector. In processing personal data, exemptions are 'not the rule'.
Where exemptions apply, processing must still comply with the remaining 7 data protection principles,
i.e.:
processed for limited purposes;
adequate, relevant and not excessive;
accurate;
not kept longer than necessary;
processed in accordance with the data subject's rights;
kept secure;
not transferred to countries outside the EEA without adequate protection
Further information on compliance with the Data Protection Act can be obtained
from the:
Office of the Information Commissioner
Information Line: 01625 545 745
e-mail: mail@dataprotection.gov.uk
Switchboard: 01625 545 700
Fax: 01625 524 510
DX: 20819 Wilmslow
Web-site: http://www.dataprotection.gov.uk/
Or write to:
The Information Commissioner
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF