We have recently encountered issues and concerns as to whether the disclosure of data is possible under GDPR, notably from the CPS.
As part of an investigation of the evidence, it is often necessary for a copy of the data extracted from a device by Police to be disclosed.
This data required is normally from the device belonging to the Defendant in a case, however, it could also be a complainant, or the parents within family proceedings.
Where data is required within legal proceedings, GDPR does not apply. This is confirmed within Schedule 2, Part 1 of the Data Protection Act 2018 at Data Protection Act 2018 (legislation.gov.uk) where it states as follows:
Information required to be disclosed by law etc or in connection with legal proceedings
5 (1)The listed GDPR provisions do not apply to personal data consisting of information that the controller is obliged by an enactment to make available to the public, to the extent that the application of those provisions would prevent the controller from complying with that obligation.
(2)The listed GDPR provisions do not apply to personal data where disclosure of the data is required by an enactment, a rule of law or an order of a court or tribunal, to the extent that the application of those provisions would prevent the controller from making the disclosure.
(3)The listed GDPR provisions do not apply to personal data where disclosure of the data—
(a)is necessary for the purpose of, or in connection with, legal proceedings (including prospective legal proceedings),
(b)is necessary for the purpose of obtaining legal advice, or
(c)is otherwise necessary for the purposes of establishing, exercising or defending legal rights,
to the extent that the application of those provisions would prevent the controller from making the disclosure.
About Athena Forensics
For information on our digital forensic services or if you require any advice or assistance please contact a member of our team on 0330 123 4448 or via email on firstname.lastname@example.org, further details are available on our contact us page.
Our client’s confidentiality is of the utmost importance. All correspondence is treated with discretion, from initial contact to the conclusion of any computer forensic investigation.
Our digital forensics experts are fully aware of the significance and importance of the information that they encounter and we have been accredited to ISO 9001 for 10 years.
Our forensic experts are all security cleared and we offer non-disclosure agreements if required. Our premises along with our security procedures have been inspected and approved by law enforcement agencies.
Athena Forensics do not disclose personal information to other companies or suppliers.