Assessable processing57.(1) The Minister may by Executive Instrument specify actions whichconstitute assessable processing if the Minister considers the assessableprocessing likely to(a)cause substantial damage or substantial distress to a data subject,or(b)otherwise significantly prejudice the privacy rights of a data subject;(2)On receipt of an application for registration, the Commission shallconsider(a)whether the processing to which the notification relates isassessable, or(b)if the assessable processing complies with the provisions of thisAct.(3)The Commission shall within twenty-eight days from the dayof receipt of the application, inform the data controller whether the processingis likely to comply with the provisions of this Act.(4)TheCommissionmay extend theinitialperiod bya further periodwhich does not exceed fourteen days or other period that the Commission mayspecify.(5) The assessable processing in respect of which a notification has beengiven to the Commission shall not be carried on unless(a)the period of twenty-eight days has elapsed, or(b)before the end ofthat period, the data controller receives a noticefrom the Commission under subsection (3).(6) A data controller who contravenes this section commits an of- fenceand is liable on summary conviction to a fine of not more than two hundred andfifty penalty units or to a term of imprisonment of not more than two years orto both.
Appointment of data protection supervisors58.(1) A data controller may appoint a certified and qualified datasupervisor to act as a data protection supervisor.(2)The data protection supervisor is responsible for the monitoring of thedata controller’s compliance with the provisions of this Act.(3)This section is subject to the exemptions or modifications speci- fied inthe authorisation.(4)An authorisation under this section may(a)impose a duty on a data protection supervisor in relation to theCommission, and(b)confer a function on the Commission in relation to a dataprotection supervisor.(5)A data protection supervisor may be an employee ofthe datacontroller.(6)The Commission shall provide the criteria for qualification to beappointed as a data protection supervisor.(7) A person shall not be appointed as a data protection supervisor unlessthe person satisfies the criteria set by the Commission.Fees59.The Minister may by Regulations prescribe fees for the purpose ofsections 49, 50 and 54.ExemptionsNational security60.(1) The processing of personal data is exempt from the provisions of thisAct for the purposes of(a)public order,(b)public safety,(c)public morality,(d)national security, or(e)public interest.(2) Subject to article 18 (2) of the Constitution, a certificate signedby the Minister is prima facie evidence of exemption from the provisions ofthisAct.
You've reached the end of your free preview.
Want to read all 43 pages?
- Fall '16
- drox
- person, The Commission, Data Protection Act 1998, personal data, Data Protection Commission
