Show Search Form

Search Results

registered interest	true false
date	exactly: or between: and
answering body
answering dept id
answering dept short name
answering dept sort name
hansard heading
house id
legislature	pref label
question text
tabling member constituency
tabling member printed
uin
answer	is ministerial correction true false date of answer exactly: or between: and answer text answering member constituency answering member printed grouped question UIN question first answered answering member label
tabling member	label

Search

390148

registered interest
date	15/07/2015
answering body	Ministry of Justice
answering dept id	54
answering dept short name	Justice
answering dept sort name	Justice
hansard heading	Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Justice, what obligations (a) people with reporting obligations in the regulated sector and (b) others have to ensure that a data controller who has processed personal data when not entitled to do so because of lack of notification does not benefit from any proceeds that may have been received as a consequence of that processing; and what sanctions can be taken against people who fail to fulfil those obligations.
tabling member constituency	St Helens South and Whiston
tabling member printed	Marie Rimmer
uin	7446
answer	answer is ministerial correction date of answer 22/07/2015 answer text <p>The Data Protection Act 1998 (DPA) requires every data controller who is processing personal information to register with the Information Commissioner’s Office (ICO) unless they are exempt. Failure to do so is a criminal offence.</p><p> </p><p>The ICO has the ability to prosecute data controllers who process personal data having failed to notify in accordance with the DPA. A successful prosecution could result in a fine being imposed. The length of time that a data controller has failed to notify, and any financial benefit they have received from not paying the notification fees, is a factor that is taken into account by the Court when sentencing and setting the appropriate level of fine. There are no provisions in the Proceeds of Crime Act that would require someone to report to a court or anyone else that any profit has been made from the offence of processing personal data without being registered. If someone suspects that money laundering has occurred then the reporting obligations set out in the Money Laundering Regulations 2007 will, for example, apply.</p><p> </p><p>It is for data controllers to seek registration; the ICO periodically reminds organisations of the requirement to notify. Fee income has been increasing year on year with increasing numbers of notifications.</p><p> </p><p>The Ministry of Justice and the ICO are looking at the current funding model as part of negotiations on the proposed EU Data Protection Regulation.</p> answering member constituency Esher and Walton answering member printed Dominic Raab grouped question UIN 6938 6947 6948 6949 6951 6952 question first answered 22/07/2015 10:07:56 answering member 4007 label Biography information for Dominic Raab
tabling member	4457 label Biography information for Ms Marie Rimmer

389716

registered interest
date	14/07/2015
answering body	Ministry of Justice
answering dept id	54
answering dept short name	Justice
answering dept sort name	Justice
hansard heading	Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Justice, what assessment he has made of the extent of revenue that has been lost to the public purse in each of the last seven financial years as a result of data controllers who are required to notify or register under the Data Protection Act and pay a fee not doing so; and what steps he is taking to (a) recoup the losses to the public purse that have occurred and (b) prevent such further losses.
tabling member constituency	St Helens South and Whiston
tabling member printed	Marie Rimmer
uin	6938
answer	answer is ministerial correction date of answer 22/07/2015 answer text <p>The Data Protection Act 1998 (DPA) requires every data controller who is processing personal information to register with the Information Commissioner’s Office (ICO) unless they are exempt. Failure to do so is a criminal offence.</p><p> </p><p>The ICO has the ability to prosecute data controllers who process personal data having failed to notify in accordance with the DPA. A successful prosecution could result in a fine being imposed. The length of time that a data controller has failed to notify, and any financial benefit they have received from not paying the notification fees, is a factor that is taken into account by the Court when sentencing and setting the appropriate level of fine. There are no provisions in the Proceeds of Crime Act that would require someone to report to a court or anyone else that any profit has been made from the offence of processing personal data without being registered. If someone suspects that money laundering has occurred then the reporting obligations set out in the Money Laundering Regulations 2007 will, for example, apply.</p><p> </p><p>It is for data controllers to seek registration; the ICO periodically reminds organisations of the requirement to notify. Fee income has been increasing year on year with increasing numbers of notifications.</p><p> </p><p>The Ministry of Justice and the ICO are looking at the current funding model as part of negotiations on the proposed EU Data Protection Regulation.</p> answering member constituency Esher and Walton answering member printed Dominic Raab grouped question UIN 6947 6948 6949 6951 6952 7446 question first answered 22/07/2015 10:07:55 answering member 4007 label Biography information for Dominic Raab
tabling member	4457 label Biography information for Ms Marie Rimmer

389906

registered interest
date	14/07/2015
answering body	Ministry of Justice
answering dept id	54
answering dept short name	Justice
answering dept sort name	Justice
hansard heading	Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Justice, what discussions his Department has had with the Information Commissioner's Office (ICO) on ensuring that collection of registration and notification fees from data controllers is actively pursued by the ICO; and whether such collection was discussed at the meeting between the Deputy Director of Information Rights and Devolution Policy and the ICO on 29 April 2015.
tabling member constituency	St Helens South and Whiston
tabling member printed	Marie Rimmer
uin	6951
answer	answer is ministerial correction date of answer 22/07/2015 answer text <p>The Data Protection Act 1998 (DPA) requires every data controller who is processing personal information to register with the Information Commissioner’s Office (ICO) unless they are exempt. Failure to do so is a criminal offence.</p><p> </p><p>The ICO has the ability to prosecute data controllers who process personal data having failed to notify in accordance with the DPA. A successful prosecution could result in a fine being imposed. The length of time that a data controller has failed to notify, and any financial benefit they have received from not paying the notification fees, is a factor that is taken into account by the Court when sentencing and setting the appropriate level of fine. There are no provisions in the Proceeds of Crime Act that would require someone to report to a court or anyone else that any profit has been made from the offence of processing personal data without being registered. If someone suspects that money laundering has occurred then the reporting obligations set out in the Money Laundering Regulations 2007 will, for example, apply.</p><p> </p><p>It is for data controllers to seek registration; the ICO periodically reminds organisations of the requirement to notify. Fee income has been increasing year on year with increasing numbers of notifications.</p><p> </p><p>The Ministry of Justice and the ICO are looking at the current funding model as part of negotiations on the proposed EU Data Protection Regulation.</p> answering member constituency Esher and Walton answering member printed Dominic Raab grouped question UIN 6938 6947 6948 6949 6952 7446 question first answered 22/07/2015 10:07:56 answering member 4007 label Biography information for Dominic Raab
tabling member	4457 label Biography information for Ms Marie Rimmer

389907

registered interest
date	14/07/2015
answering body	Ministry of Justice
answering dept id	54
answering dept short name	Justice
answering dept sort name	Justice
hansard heading	Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Justice, what mechanism (a) the Information Commissioner's Office and (b) his Department has in place to recover unpaid notification and registration fee income from data controllers; what the costs of such recovery is; from what budget such costs are met; and whether such costs are recovered from data controllers who do not pay such fees.
tabling member constituency	St Helens South and Whiston
tabling member printed	Marie Rimmer
uin	6952
answer	answer is ministerial correction date of answer 22/07/2015 answer text <p>The Data Protection Act 1998 (DPA) requires every data controller who is processing personal information to register with the Information Commissioner’s Office (ICO) unless they are exempt. Failure to do so is a criminal offence.</p><p> </p><p>The ICO has the ability to prosecute data controllers who process personal data having failed to notify in accordance with the DPA. A successful prosecution could result in a fine being imposed. The length of time that a data controller has failed to notify, and any financial benefit they have received from not paying the notification fees, is a factor that is taken into account by the Court when sentencing and setting the appropriate level of fine. There are no provisions in the Proceeds of Crime Act that would require someone to report to a court or anyone else that any profit has been made from the offence of processing personal data without being registered. If someone suspects that money laundering has occurred then the reporting obligations set out in the Money Laundering Regulations 2007 will, for example, apply.</p><p> </p><p>It is for data controllers to seek registration; the ICO periodically reminds organisations of the requirement to notify. Fee income has been increasing year on year with increasing numbers of notifications.</p><p> </p><p>The Ministry of Justice and the ICO are looking at the current funding model as part of negotiations on the proposed EU Data Protection Regulation.</p> answering member constituency Esher and Walton answering member printed Dominic Raab grouped question UIN 6938 6947 6948 6949 6951 7446 question first answered 22/07/2015 10:07:56 answering member 4007 label Biography information for Dominic Raab
tabling member	4457 label Biography information for Ms Marie Rimmer

389908

registered interest
date	14/07/2015
answering body	Ministry of Justice
answering dept id	54
answering dept short name	Justice
answering dept sort name	Justice
hansard heading	Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Justice, what steps (a) the Information Commissioner's Office and (b) his Department has taken to ensure that (i) mediators, (ii) arbitrators and (iii) others providing legal services have registered as data controllers and paid any related fees in each of the last three years.
tabling member constituency	St Helens South and Whiston
tabling member printed	Marie Rimmer
uin	6948
answer	answer is ministerial correction date of answer 22/07/2015 answer text <p>The Data Protection Act 1998 (DPA) requires every data controller who is processing personal information to register with the Information Commissioner’s Office (ICO) unless they are exempt. Failure to do so is a criminal offence.</p><p> </p><p>The ICO has the ability to prosecute data controllers who process personal data having failed to notify in accordance with the DPA. A successful prosecution could result in a fine being imposed. The length of time that a data controller has failed to notify, and any financial benefit they have received from not paying the notification fees, is a factor that is taken into account by the Court when sentencing and setting the appropriate level of fine. There are no provisions in the Proceeds of Crime Act that would require someone to report to a court or anyone else that any profit has been made from the offence of processing personal data without being registered. If someone suspects that money laundering has occurred then the reporting obligations set out in the Money Laundering Regulations 2007 will, for example, apply.</p><p> </p><p>It is for data controllers to seek registration; the ICO periodically reminds organisations of the requirement to notify. Fee income has been increasing year on year with increasing numbers of notifications.</p><p> </p><p>The Ministry of Justice and the ICO are looking at the current funding model as part of negotiations on the proposed EU Data Protection Regulation.</p> answering member constituency Esher and Walton answering member printed Dominic Raab grouped question UIN 6938 6947 6949 6951 6952 7446 question first answered 22/07/2015 10:07:55 answering member 4007 label Biography information for Dominic Raab
tabling member	4457 label Biography information for Ms Marie Rimmer

389909

registered interest
date	14/07/2015
answering body	Ministry of Justice
answering dept id	54
answering dept short name	Justice
answering dept sort name	Justice
hansard heading	Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Justice, what steps (a) the Information Commissioner's Office and (b) his Department has taken to ensure that (i) mediators, (ii) arbitrators and (iii) others providing medical services have registered as data controllers and paid any related fees in each of the last three years.
tabling member constituency	St Helens South and Whiston
tabling member printed	Marie Rimmer
uin	6949
answer	answer is ministerial correction date of answer 22/07/2015 answer text <p>The Data Protection Act 1998 (DPA) requires every data controller who is processing personal information to register with the Information Commissioner’s Office (ICO) unless they are exempt. Failure to do so is a criminal offence.</p><p> </p><p>The ICO has the ability to prosecute data controllers who process personal data having failed to notify in accordance with the DPA. A successful prosecution could result in a fine being imposed. The length of time that a data controller has failed to notify, and any financial benefit they have received from not paying the notification fees, is a factor that is taken into account by the Court when sentencing and setting the appropriate level of fine. There are no provisions in the Proceeds of Crime Act that would require someone to report to a court or anyone else that any profit has been made from the offence of processing personal data without being registered. If someone suspects that money laundering has occurred then the reporting obligations set out in the Money Laundering Regulations 2007 will, for example, apply.</p><p> </p><p>It is for data controllers to seek registration; the ICO periodically reminds organisations of the requirement to notify. Fee income has been increasing year on year with increasing numbers of notifications.</p><p> </p><p>The Ministry of Justice and the ICO are looking at the current funding model as part of negotiations on the proposed EU Data Protection Regulation.</p> answering member constituency Esher and Walton answering member printed Dominic Raab grouped question UIN 6938 6947 6948 6951 6952 7446 question first answered 22/07/2015 10:07:55 answering member 4007 label Biography information for Dominic Raab
tabling member	4457 label Biography information for Ms Marie Rimmer

389914

registered interest
date	14/07/2015
answering body	Ministry of Justice
answering dept id	54
answering dept short name	Justice
answering dept sort name	Justice
hansard heading	Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Justice, what steps (a) the Information Commissioner's Office and (b) his Department takes to ensure that those data controllers who are not registered do not accrue benefit from such work; and what obligations there are to report such non-registration under legislation related to (i) money laundering and (ii) proceeds of crime.
tabling member constituency	St Helens South and Whiston
tabling member printed	Marie Rimmer
uin	6947
answer	answer is ministerial correction date of answer 22/07/2015 answer text <p>The Data Protection Act 1998 (DPA) requires every data controller who is processing personal information to register with the Information Commissioner’s Office (ICO) unless they are exempt. Failure to do so is a criminal offence.</p><p> </p><p>The ICO has the ability to prosecute data controllers who process personal data having failed to notify in accordance with the DPA. A successful prosecution could result in a fine being imposed. The length of time that a data controller has failed to notify, and any financial benefit they have received from not paying the notification fees, is a factor that is taken into account by the Court when sentencing and setting the appropriate level of fine. There are no provisions in the Proceeds of Crime Act that would require someone to report to a court or anyone else that any profit has been made from the offence of processing personal data without being registered. If someone suspects that money laundering has occurred then the reporting obligations set out in the Money Laundering Regulations 2007 will, for example, apply.</p><p> </p><p>It is for data controllers to seek registration; the ICO periodically reminds organisations of the requirement to notify. Fee income has been increasing year on year with increasing numbers of notifications.</p><p> </p><p>The Ministry of Justice and the ICO are looking at the current funding model as part of negotiations on the proposed EU Data Protection Regulation.</p> answering member constituency Esher and Walton answering member printed Dominic Raab grouped question UIN 6938 6948 6949 6951 6952 7446 question first answered 22/07/2015 10:07:55 answering member 4007 label Biography information for Dominic Raab
tabling member	4457 label Biography information for Ms Marie Rimmer

386499

registered interest
date	30/06/2015
answering body	Ministry of Justice
answering dept id	54
answering dept short name	Justice
answering dept sort name	Justice
hansard heading	Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Justice, what guidance his Department has issued to UK companies who will need to implement the General Data Protection Regulation.
tabling member constituency	Wimbledon
tabling member printed	Stephen Hammond
uin	4893
answer	answer is ministerial correction date of answer 08/07/2015 answer text <p>Under this Government's transparency policy, meetings between ministers and external organisations are published quarterly.</p><p> </p><p>The Ministry of Justice published an Impact Assessment on the Commission’s original proposals for a General Data Protection Regulation on the 22nd November 2012. The Council of the European Union agreed on a general approach at Justice and Home Affairs Council on June 15 2015 after making many amendments to the text. The Government is currently evaluating the impact the Council’s text would have on the UK overall. The potential effect of specific elements of the text on a range of sectors, including the financial sector, will also be explored.</p><p>The Ministry of Justice has not issued any guidance to companies about the General Data Protection Regulation as the final text is still under negotiation. Once the outcome of trilogue negotiations between the Council of the European Union, the European Parliament and the Commission are complete, the Information Commissioner’s Office will be considering what guidance may be necessary in due course.</p><p> </p><p>The Ministry of Justice is currently exploring how it will need to implement the provisions in the General Data Protection Regulation requiring national legislation after the final text has been adopted. Negotiations on the Regulation remain ongoing. Once a final text is adopted, it will be a minimum of two years before it comes into force.</p> answering member constituency Esher and Walton answering member printed Dominic Raab grouped question UIN 4891 4892 4894 question first answered 08/07/2015 16:06:06 answering member 4007 label Biography information for Dominic Raab
tabling member	1585 label Biography information for Stephen Hammond

386500

registered interest
date	30/06/2015
answering body	Ministry of Justice
answering dept id	54
answering dept short name	Justice
answering dept sort name	Justice
hansard heading	Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Justice, when he plans to bring forward legislation to enact the General Data Protection Regulation.
tabling member constituency	Wimbledon
tabling member printed	Stephen Hammond
uin	4894
answer	answer is ministerial correction date of answer 08/07/2015 answer text <p>Under this Government's transparency policy, meetings between ministers and external organisations are published quarterly.</p><p> </p><p>The Ministry of Justice published an Impact Assessment on the Commission’s original proposals for a General Data Protection Regulation on the 22nd November 2012. The Council of the European Union agreed on a general approach at Justice and Home Affairs Council on June 15 2015 after making many amendments to the text. The Government is currently evaluating the impact the Council’s text would have on the UK overall. The potential effect of specific elements of the text on a range of sectors, including the financial sector, will also be explored.</p><p>The Ministry of Justice has not issued any guidance to companies about the General Data Protection Regulation as the final text is still under negotiation. Once the outcome of trilogue negotiations between the Council of the European Union, the European Parliament and the Commission are complete, the Information Commissioner’s Office will be considering what guidance may be necessary in due course.</p><p> </p><p>The Ministry of Justice is currently exploring how it will need to implement the provisions in the General Data Protection Regulation requiring national legislation after the final text has been adopted. Negotiations on the Regulation remain ongoing. Once a final text is adopted, it will be a minimum of two years before it comes into force.</p> answering member constituency Esher and Walton answering member printed Dominic Raab grouped question UIN 4891 4892 4893 question first answered 08/07/2015 16:06:06 answering member 4007 label Biography information for Dominic Raab
tabling member	1585 label Biography information for Stephen Hammond

386529

registered interest
date	30/06/2015
answering body	Ministry of Justice
answering dept id	54
answering dept short name	Justice
answering dept sort name	Justice
hansard heading	Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Justice, what meetings his Department has had with the (a) Corporation of London and (b) FCA on the implementation of the General Data Protection Regulation and possible costs to the UK financial services sector.
tabling member constituency	Wimbledon
tabling member printed	Stephen Hammond
uin	4892
answer	answer is ministerial correction date of answer 08/07/2015 answer text <p>Under this Government's transparency policy, meetings between ministers and external organisations are published quarterly.</p><p> </p><p>The Ministry of Justice published an Impact Assessment on the Commission’s original proposals for a General Data Protection Regulation on the 22nd November 2012. The Council of the European Union agreed on a general approach at Justice and Home Affairs Council on June 15 2015 after making many amendments to the text. The Government is currently evaluating the impact the Council’s text would have on the UK overall. The potential effect of specific elements of the text on a range of sectors, including the financial sector, will also be explored.</p><p>The Ministry of Justice has not issued any guidance to companies about the General Data Protection Regulation as the final text is still under negotiation. Once the outcome of trilogue negotiations between the Council of the European Union, the European Parliament and the Commission are complete, the Information Commissioner’s Office will be considering what guidance may be necessary in due course.</p><p> </p><p>The Ministry of Justice is currently exploring how it will need to implement the provisions in the General Data Protection Regulation requiring national legislation after the final text has been adopted. Negotiations on the Regulation remain ongoing. Once a final text is adopted, it will be a minimum of two years before it comes into force.</p> answering member constituency Esher and Walton answering member printed Dominic Raab grouped question UIN 4891 4893 4894 question first answered 08/07/2015 16:06:06 answering member 4007 label Biography information for Dominic Raab
tabling member	1585 label Biography information for Stephen Hammond