xmlns:atom="http://www.w3.org/2005/Atom" xmlns:atom="http://www.w3.org/2005/Atom"
Textual Amendments
F1Pt. 2 Ch. 3 heading substituted (31.12.2020) by The Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 (S.I. 2019/419), reg. 1(2), Sch. 2 para. 27 (with reg. 5); 2020 c. 1, Sch. 5 para. 1(1)
Modifications etc. (not altering text)
C1Pt. 2 Ch. 3 applied (31.12.2020) by Regulation (EU) No. 625/2017, Art. 143 (as substituted by The Official Controls (Animals, Feed and Food, Plant Health etc.) (Amendment) (EU Exit) Regulations 2020 (S.I. 2020/1481), regs. 1, 27(3) (with reg. 46))
(1)Subject to subsection (3), a certificate signed by a Minister of the Crown certifying that exemption from all or any of the provisions listed in section 26(2) is, or at any time was, required in relation to any personal data for the purpose of safeguarding national security is conclusive evidence of that fact.
(2)A certificate under subsection (1)—
(a)may identify the personal data to which it applies by means of a general description, and
(b)may be expressed to have prospective effect.
(3)Any person directly affected by a certificate under subsection (1) may appeal to the Tribunal against the certificate.
(4)If, on an appeal under subsection (3), the Tribunal finds that, applying the principles applied by a court on an application for judicial review, the Minister did not have reasonable grounds for issuing a certificate, the Tribunal may—
(a)allow the appeal, and
(b)quash the certificate.
(5)Where, in any proceedings under or by virtue of [F2the UK GDPR] or this Act, it is claimed by a controller that a certificate under subsection (1) which identifies the personal data to which it applies by means of a general description applies to any personal data, another party to the proceedings may appeal to the Tribunal on the ground that the certificate does not apply to the personal data in question.
(6)But, subject to any determination under subsection (7), the certificate is to be conclusively presumed so to apply.
(7)On an appeal under subsection (5), the Tribunal may determine that the certificate does not so apply.
(8)A document purporting to be a certificate under subsection (1) is to be—
(a)received in evidence, and
(b)deemed to be such a certificate unless the contrary is proved.
(9)A document which purports to be certified by or on behalf of a Minister of the Crown as a true copy of a certificate issued by that Minister under subsection (1) is—
(a)in any legal proceedings, evidence of that certificate;
(b)in any legal proceedings in Scotland, sufficient evidence of that certificate.
(10)The power conferred by subsection (1) on a Minister of the Crown is exercisable only by—
(a)a Minister who is a member of the Cabinet, or
(b)the Attorney General or the Advocate General for Scotland.
Textual Amendments
F2Words in s. 27(5) substituted (31.12.2020) by The Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 (S.I. 2019/419), reg. 1(2), Sch. 2 para. 35 (with reg. 5); 2020 c. 1, Sch. 5 para. 1(1)