Section 325, CJA 2003 sets out the statutory basis for MAPPA (without referring to it specifically by name admittedly) and defines the organisations that must be involved in subsection 6.
I think if you one of the organisations mentioned in subsection 6 then you can claim to have a statutory role in the MAPPA process and therefore are covered by Section 30(1)(b) and a competent authority for any data exchanged for that purpose.
If you are not then it's more difficult to argue that Section 30 applies.
Conversely you could argue that you are providing non-law enforcement data under section 8(a) ie "is necessary for the performance of a task carried out in the public interest" in this case the administration of justice (and under Schedule 1, Part 2 if it is special category data).
You are right though that the LED gives a little more scope, but that wasn't transposed into the DPA.
-----Original Message-----
From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Phil Bradshaw
Sent: 28 January 2019 09:50
To: [log in to unmask]
Subject: Re: [data-protection] MAPPA lawful basis
"We have a document from Police Scotland regarding MAPPA which states 'Each of the constituent parts of MAPPA be they Responsible Authorities or held under a Duty to Cooperate are “competent authorities” under Section 30 of DPA 2018'."
Our RA clearly takes the same view based on the draft supplied. It doesn't mean it is necessarily right.
I am however open to persuasion in the interests of an easy life. Perhaps DPA shouldn't use the undefined term "statutory function" ( does a duty to co-operate make it a statutory function?).
I would, I think, have an easier time with the definition in Art 3(7)(b) of the Law Enforcement Directive "any other body or entity entrusted by Member State law to exercise public authority and public powers ... ".
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask] All user commands can be found at https://www.jiscmail.ac.uk/help/subscribers/subscribercommands.html
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at https://www.jiscmail.ac.uk/help/subscribers/subscribercommands.html
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|