Data Protection Act

1. IntroductionThe criteria for this project have been adapted from The Data Protection Act 2018 of the UK identified as the “General Data Protection Regulation (GDPR)”(https://www.legislation.gov.uk/ukpga/2018/12/contents) and the California Consumer Privacy Act (CCPA) (https://oag.ca.gov/privacy/ccpa).Data Protection Principles require everyone using personal data to make sure that rules are followed called ‘data protection principles. They must make sure the information is:• used fairly, lawfully and transparently• used for specified, explicit purposes• used in a way that is adequate, relevant and limited to only what is necessary• accurate and, where necessary, kept up to date• kept for no longer than is necessary• handled in a way that ensures appropriate security, including protection against unlawful or unauthorized processing, access, loss, destruction or damage.
There is stronger legal protection for more sensitive information, such as:• race• ethnic background• political opinions• religious beliefs• trade union membership• genetics• biometrics (where used for identification)• health• sex life or orientation
There are separate safeguards for personal data relating to criminal convictions and offences.
2. InstructionYou need to create the New Jersey Data Protection Act which will automatically grant the right to everyone to find out what information the government and other organizations collect and store about them. The Act will include the right to:• be informed about how your data is being used• access personal data• have incorrect data updated• have data erased• stop or restrict the processing of your data• data portability (allowing you to get and reuse your data for different services)• object to how your data is processed in certain circumstances
Everyone also has rights when an organization is using their personal data for:• automated decision-making processes (without human involvement)• profiling, for example to predict your behavior or interests.
3. The Act Components (also attached in uplode files)I. Overview• The need for the protection of personal data• Explain why personal data is being protected. Focus on details.
II. The Law• Explain the new law in detail.
III. Categories of personal data• What are the categories of data protected under the law?
IV. Rights of the Individuals Relative to Personal Data• What rights do individuals have under the law.• When can the rights be ignored (circumstances)?
V. Restrictions of Data UseWhat are the restrictions of data use?(include all categories of data and explain in detail what they consist of).
VI. Transfer of data to third-parties including outside of the United States• How and when can data be transferred• What are the restrictions• Is consent needed• How is the consent obtained if needed?• How long will the consent be active.?• Procedures to obtain consent.
VII. Principles (See Chapter 2 of the GDPR)• Identify all principles.
VIII. Rights of Individuals (See Chapter 3 of the GDPR)• Identify the rights of individuals• Minors• Spouses• Incapacitated individuals
IX. Rights of the Data Controllers and Processors (See Chapter 4 of the GDPR)• What rights do those controlling and processing personal data have?
X. Exemptions• What are the exemptions to obtaining consent?• What data is exempt?
XI. Specific LawsIdentify the specific laws in detail.
XII. Enforcement• How will the Act be enforced?
XIII. Penalties• What are the penalties for breaking the new law?• Include details and be very specific.
4. Writing Requirements• Margins: 1 inch• Font: Times Roman 12• APA format using APA headings (Use the APA 7th edition Style Guide)• The written work must be clear, concise, logical, and well-edited. Misspellings, syntax, and grammar errors, as well as other writing problems, are unacceptable in work.• Original work is required. You may use the GDPR and CCPA as guides.