Enjoy SmartLeges Premium!

Subscribe to SmartLeges Premium and enjoy the following advantages:

  • Consult as many laws as you need with no additional charge
  • Consult almost any law in several countries with the new advanced search engine. All legislation within reach!
  • Enjoy all SmartLeges functions without restrictions
See the plans

An essential and free application for professionals and students in the legal sector

Read more
 

Sign up for free!

Would you like to consult this and other laws complete?

Sign up for free to consult all the laws of SmartLeges in your mobile phone or tablet, as well as underline text, add notes...

Sign up for free!

Email Facebook Twitter Google Linkedin Tumblr

THE DATA PROTECTION (PROCESSING OF SENSITIVE PERSONAL DATA) ORDER 2006

UK Statutory Instruments

Version as made

2006 No. 2068


  • Version as made

Introductory Text

Statutory Instruments

2006 No. 2068

DATA PROTECTION

The Data Protection (Processing of Sensitive Personal Data) Order 2006

Made

25th July 2006

Coming into force in accordance with article 1(1)

The Secretary of State makes the following Order in exercise of the powers conferred by section 67(2) of and paragraph 10 of Schedule 3 to the Data Protection Act 1998(1);

In accordance with section 67(3), he has consulted the Information Commissioner;

In accordance with section 67(4) of that Act, a draft of this instrument was laid before Parliament and approved by a resolution of each House of Parliament.

Citation, commencement and interpretation

1.  (1)   This Order may be cited as the Data Protection (Processing of Sensitive Personal Data) Order 2006 and shall come into force on the day after the day on which it is made.

(2)  In this Order— “the Act” means the Data Protection Act 1998; “caution” means a caution given to any person in England and Wales or Northern Ireland in respect of an offence which, at the time when the caution is given, is admitted and includes a reprimand or warning to which section 65 of the Crime and Disorder Act 1998(2 ) applies; “conviction” has the same meaning as in section 56 of the Act; “payment card” includes a credit card, a charge card and a debit card; “pseudo-photograph” includes an image, whether made by computer-graphics or otherwise howsoever, which appears to be a photograph.

Condition relevant for purposes of the First Principle: processing of sensitive personal data

2.  (1)   For the purposes of paragraph 10 of Schedule 3 to the Act, the circumstances specified in paragraph (2) are circumstances in which sensitive personal data may be processed.

(2)  The processing of information about a criminal conviction or caution for an offence listed in paragraph (3) relating to an indecent photograph or pseudo-photograph of a child is necessary for the purpose of administering an account relating to the payment card used in the commission of the offence or for cancelling that payment card.
(3)  The offences listed are those under —
(a) section 1 of the Protection of Children Act 1978(3 ) ,
(b) section 160 of the Criminal Justice Act 1988(4 ) ,
(c) article 15 of the Criminal Justice (Evidence etc) (Northern Ireland) Order 1988(5 ) ,
(d) article 3 of the Protection of Children (Northern Ireland) Order 1978(6 ) ,
(e) section 52 of the Civic Government (Scotland) Act 1982(7 ) , or
(f) incitement to commit any of the offences in sub-paragraphs (a) - (e). Signed by authority of the Secretary of State Cathy AshtonParliamentary Under-Secretary of StateDepartment for Constitutional Affairs25th July 2006
Explanatory Note (This note is not part of the Order) “Sensitive personal data” is defined in section 2(g) and (h) of the Data Protection Act 1998 to include information as to the commission or alleged commission by a person of any offence, or any proceedings for any offence committed or alleged to have been committed by him, the disposal of such proceedings or the sentence of any court in such proceedings. The first data protection principle, set out in paragraph 1 of Schedule 1 to the Act, prohibits the processing of “sensitive personal data” unless one of the conditions in Schedule 3 to the Act is met. The condition set out in paragraph 10 of that Schedule is that the personal data are processed in circumstances specified in an order made by the Secretary of State. This Order specifies that information about a criminal conviction or caution may be processed for the purpose of administering an account relating to the payment card (or for cancelling the payment card) used in the commission of one of the listed offences relating to indecent images of children and for which the data subject has been convicted or cautioned under the relevant legislation in England and Wales, Scotland or Northern Ireland. (1) 1998 c. 29 . (2) 1998 c. 37 . (3) 1978 c. 37 , relevant amending and modifying instruments are the Sexual Offences Act 2003, s 45, s 139, Sch 6, para 24; the Criminal Justice Act 1988 s160(4) ; the Criminal Justice and Public Order Act 1994, s 84, s 168(3) , Sch 11. (4) 1988 c. 33 , relevant amending instruments are the Sexual Offences Act 2003, s 45, s 139, Sch 6, para 29; the Criminal Justice and Public Order Act 1994, s 84(4) , s 86, s 168(3) , Sch 11. (5) 1988 Number 1847 (N.I. 17) . (6) 1978 Number 1047 (N.I. 17) . (7) 1982 c. 45 as amended by the Criminal Justice and Public Order Act 1994 (c. 33) s 84; the Criminal Procedure (Consequential Provisions) (Scotland) Act 1995 (c. 40) , Sch 4 para. 44; the Criminal Justice (Scotland) Act 2003 (asp7) s 19; and the Protection of Children and Prevention of Sexual Offences (Scotland) Act 2005 (asp9) s 16.