Level 1

Question 1

What does GDPR stand for?

Answer 1

General Data Protection Regulations

Question 2

What is the relevant UK legislation that governs data protection?

Answer 2

The Data Protection Act 2018 is the UK’s implementation of GDPR (2016) (European directive), and DPA 2018 replaces DPA 1998

Question 3

What is GDPR?

Answer 3

General Data Protection Regulations 2016 represents the largest change in data protection law across the EU to include the UK, and relates to the processing of personal data.

Question 4

What is the purpose of GDPR?

Answer 4

• To create a single data protection regime for anyone doing business in the EU
• To empower individuals to take control of how their data is used by third parties
• Gives people more rights to be informed of how their personal data is being used

Question 5

When did the most recent Data Protection Act come into effect?

Answer 5

25 May 2018

Question 6

Is DPA 2018 affected by Brexit?

Answer 6

No as it is the UK’s implementation of the EU’s GDPR directive

Question 7

What are the 8 individual rights under GDPR?

Answer 7

1. Right to be informed
2. Right of access
3. Right to rectify
4. Right to erase
5. Right to restrict processing
6. Right to data portability
7. Right to object
8. Rights to automated decision making & profiling

Question 8

Under Article 5 of GDPR, what are the data protection principles?

Answer 8

1. Lawfulness, fairness and transparency
2. Purpose limitation
3. Data minimisation
4. Accuracy
5. Storage limitation
6. Integrity & confidentiality (security)
7. Accountability

Question 9

What are the key requirements under DPA 2018?

Answer 9

• Conduct data protection impact assessments for high risk holding of data
• Elect a Data Controller who decides how and why personal data is processed & is responsible for GDPR
• Demonstrate compliance with principles to Information Commissioner’s Office (ICO)

Question 10

When data security is breached, what is the protocol?

Answer 10

Report to ICO within 72 hours, where there is a loss of personal data and a risk of harm to individuals

Question 11

What are the penalties for breaching data security?

Answer 11

Standard - the greater of 10m euros or 2% of total global turnover
Higher - the greater of 20m euros or 4% of total global turnover

Question 12

Who polices data protection?

Answer 12

Information Commissioner’s Office (ICO)

Question 13

What is the Freedom of Information Act 2000?

Answer 13

Provides individuals with the right to access information held by public bodies

Question 14

Under the Freedom of Information Act 2000, how can individuals access information held by the public sector?

Answer 14

• Request access in writing
• Typically public body required to supply the data in 20 working days in the requested format
• Public body can charge for the provision of info.
  N.B. Public body must inform any individual requesting sight of data whether or not they hold this data

Question 15

Can the public sector provide access to any information that is requested?

Answer 15

Provided that the information is not exempt, i.e.:

• contrary to GDPR requirements
• it would prejudice a criminal matter under investigation
• it would prejudice a person’s/organisation’s commercial interest
• matter of national security

Question 16

How can you ensure security of data?

Answer 16

• improve security of electronic data using firewalls, encryption and passwords/security markings
• physically locking away work/notes

Question 17

What are the key best practice in data management

Answer 17

• cross-reference with hard copy
• IT system maintenance - back up
• Protect integrity
• Info management policy/system integrity
• Audit trail
• Electronic signature has a legal status as long as it cannot be altered

Question 18

How can you source proof of title?

Answer 18

• Property deeds (absolute proof)

- Registered land (good indication)

Question 19

What is copyright?

Answer 19

A set of exclusive rights, granted to the author/creator of any original work, including the right to copy.

• -> form of intellectual property
• -> can be licensed, assigned and transferred

Question 20

What is Crown Copyright?

Answer 20

This refers to all materials created and prepared by the Government, including laws, legislation, public records, official press releases, OS mapping

Question 21

What is a deed?

Answer 21

A legal document made under seal, which sets out info regarding ownership and other property details (legal interest in the land)

Question 22

What are title documents?

Answer 22

Official register of title held on land registry and can be requested at a fee

Question 23

What information does the Title Register contain?

Answer 23

• legal owner (freeholder)
• address of owner
• leaseholder(s)
• tenure
• price paid/value stated
• boundaries
• restrictions/easements/covenants

Question 24

What is title indemnity insurance?

Answer 24

Protects a party against any claims arising from the title of a property, to cover such matters as:

• title defects
• restrictive covenants/easements

–> a one-off premium

Question 25

What is a title defect?

Answer 25

Any potential threat to a current owner's full right or claim to sell a property (encumbrance, e.g. a tax lien, mortgage or judgement) - -> e.g. a homeowner cannot sell a home if there is an outstanding tax lien on the property (i.e. the property serves to guarantee an obligation such as a loan repayment) - -> because the asset cannot be legally transferred, the title is considered to be 'unmarketable'

Question 26

What is a restrictive covenant?

Answer 26

An agreement to restrict the use of land in some way, for the benefit of other land. These are binding legal obligations written into the property's deeds. They run with the land and hence are typically transferable onto successors

Question 27

Can you remove a restrictive covenant?

Answer 27

Yes, by application to the Upper Tribunal (Lands Chamber), but grounds for discharge are very strict. In some instances, title indemnity insurance can be procured.

Question 28

What are the RICS Data Standards 2018?

Answer 28

RICS developed a suite of data standards to ensure that data is captured, verified and shared within organisations and across external stakeholders in a common format

Question 29

What are the benefits of sharing data?

Answer 29

- improved market transparency - improved productivity - improved insights to share with clients to win business and impact the built and natural environment

Question 30

What is the purpose of the RICS Data Standards?

Answer 30

To address the issues of digital data inconsistency and to streamline data models, encouraging structure in data

Question 31

How do the RICS Data Standards work?

Answer 31

They are to be used in parallel with RICS International Standards & Professional Statements (e.g. IPMS)

Question 32

What does the Right to be Forgotten mean?

Answer 32

Individuals have the right to have their data deleted by companies that hold it, if they so wish

Question 33

What types of data do you process in your daily job role?

Answer 33

Data as reviewed for the purposes of conducting a valuation, including names of individuals/addresses and other data found in the documentation provided to CBRE

Question 34

What is the duration of the data processing you conduct for each instruction?

Answer 34

As required in order to deliver our services pursuant to the instruction agreement (ToE), or as otherwise required by law