The Data Protection Act 2018 (Amendment of Schedule 2 Exemptions) Regulations 2022
| Jurisdiction | UK Non-devolved |
| Citation | SI 2022/76 |
| Year | 2022 |
2022 No. 76
Data Protection
The Data Protection Act 2018 (Amendment of Schedule 2 Exemptions) Regulations 2022
Made 26th January 2022
Coming into force in accordance with regulation 1(2)
The Secretary of State makes the following Regulations in exercise of the powers conferred by sections 16 and 182(5) of the Data Protection Act 20181.
In accordance with section 182(2) of that Act, the Secretary of State has consulted the Commissioner2and such other persons as the Secretary of State considers appropriate.
In accordance with section 16(3) of that Act3, a draft of this instrument has been laid before, and approved by a resolution of, both Houses of Parliament.
Citation, commencement and extent
1.—(1) These Regulations may be cited as the Data Protection Act 2018 (Amendment of Schedule 2 Exemptions) Regulations 2022.
(2) These Regulations come into force on—
(a)
(a) 31st January 2022, or
(b)
(b) if later, the day after the day on which they are made.
(3) These Regulations extend to England and Wales, Scotland and Northern Ireland.
Amendment of Part 1 of Schedule 2 to the Data Protection Act 2018
2.—(1) Part 1 of Schedule 2 (exemptions etc. from the UK GDPR) to the Data Protection Act 20184is amended as follows.
(2) In paragraph 4 (immigration exemption)—
(a)
(a) in sub-paragraph (1), in the words before paragraph (a), after “processed” insert “by the Secretary of State”;
(b)
(b) after sub-paragraph (1), insert—
“
1A But sub-paragraph (1) does not apply unless the Secretary of State has an immigration exemption policy document in place.
1B For the purposes of sub-paragraph (1A), the Secretary of State has an immigration exemption policy document in place if the Secretary of State has produced a document which explains the Secretary of State’s policies and processes for—
(a) determining the extent to which the application of any of the UK GDPR provisions listed in sub-paragraph (2) would be likely to prejudice any of the matters mentioned in sub-paragraph (1)(a) and (b), and
(b) where it is determined that any of those provisions do not apply in relation to personal data processed for any of the purposes mentioned in sub-paragraph (1)(a) and (b), preventing—
(i) the abuse of that personal data, and
(ii) any access to, or transfer of, it otherwise than in accordance with the UK GDPR.
1C Paragraphs 4A and 4B make provision about additional safeguards in connection with the exemption in this paragraph.
”;
(c)
(c) in sub-paragraph (2), for “sub-paragraph (1)” substitute “sub-paragraphs (1) and (1B)”;
(d)
(d) omit sub-paragraphs (3) and (4).
(3) After paragraph 4 insert—
“
Immigration: additional safeguard: decisions for the purposes of paragraph 4(1) and requirement to have regard to immigration exemption policy document
4A.—(1) The Secretary of State must—
(a)
(a) determine the extent to which the application of the relevant UK GDPR provisions would be likely to prejudice any of the matters mentioned in paragraph 4(1)(a) and (b) on a case by case basis, and
(b)
(b) have regard, when...
To continue reading
Request your trial