Introduction According to the UK’s data protection regulator, the Information Commissioner’s Office (the ICO), a former health adviser has been found guilty of accessing medical records of patients without a valid legal reason. This article takes a brief look at this matter. What’s this case all about? An individual called Mr. Christopher O’Brien worked for Read more »
Search Results for: glossary
Changes to UK Data Protection Regime Published
Introduction The United Kingdom government has now introduced its legislative proposal to make changes to the UK privacy/data protection regime (which essentially consists of UK GDPR, the Data Protection Act 2018 and PECR [E-Privacy rules]) entitled the “Data Protection and Digital Information Bill” (“the Bill”). This article provides a snapshot of what we think organisations Read more »
ICO Fines Clearview £7.5 Million for Data Protection Infringements
We first issued this alert on 24 May 2022 and have updated it to reflect more recent developments. Introduction The UK Information Commissioner’s Office (the ICO) fined Clearview AI Inc. (Clearview) £7,552,800 in May 2022 for data protection law infringements in using images of people for its AI product. Clearview collected images from the internet Read more »
EU FAQs on Standard Contractual Clauses
Introduction The European Commission recently issued a question and answer document about the EU standard contractual clauses that were issued in 2021. This article briefly looks at some of the highlights. What’s this all about? Under the EU General Data Protection Regulation (EU GDPR), contractual clauses ensuring appropriate data protection safeguards can be used as Read more »
UK Government Proposed Changes to Data Protection Regime
Introduction The United Kingdom government is planning on changing the UK privacy/data protection regime, which consists of UK GDPR, PECR (E-Privacy rules) and the Data Protection Act 2018. This article briefly highlights the key points of proposed reform. What’s this all about? In May this year the UK government announced as part of its legislative Read more »
UK High Court Rejects Misuse of Private Information Claim in Smith v TalkTalk Case
Introduction Claims before the courts in both the UK and EU countries for compensation for alleged privacy violations continue to be brought in ample quantity. In the recent case of Graeme Smith & Others (“the individuals”) v TalkTalk Telecom Group PLC (“TalkTalk”) the UK High Court dismissed the individuals’ claim that TalkTalk could be liable Read more »
European Data Protection Board Issues Draft EU GDPR Fines Amount Calculation Guidance
Introduction The European Data Protection Board (EDPB) recently issued its draft guidance on calculating fines entitled “Guidelines 04/2022 on the calculation of administrative fines under the GDPR” This article looks at this development in brief. What’s this all about? Under EU GDPR organizations can be fined for GDPR infringements. The calculation of the amount of Read more »
European Court Rules Class-Action Data Protection Claim Can Be Brought By Consumer Organizations Without Individual Mandate To Do So
Introduction Claims before domestic courts in both the UK and EU countries for compensation for alleged data protection violations continue to be brought. In a recent ruling the European Court decided in the case of Meta Platforms Ireland Limited, formerly Facebook Ireland Limited -v- Bundesverband der Verbraucherzentralen und Verbraucherverbände – Verbraucherzentrale Bundesverband e.V (Case C-319/20) Read more »
UK International Data Transfer Agreement (IDTA) Now Issued
Introduction Last year the UK issued proposals concerning international data transfers from the UK (which we reported on here https://www.corderycompliance.com/uk-consultation-scc-idta/). The International Data Transfer Agreement (IDTA) and related materials have now been published and if all goes according to plan will become law this March 2022. This article looks at this latest development in brief. Read more »
Data Protection Due Diligence in Transactions FAQs
Introduction Data protection/privacy rules play a prominent role in merger and acquisitions transactions. The degree of data protection compliance in a transaction could have an effect on the final price or even make or break a deal, or lead to unwelcome surprises later on. The ICO’s enforcement case against Marriott International Inc. where in 2020 Read more »
- « Previous Page
- 1
- 2
- 3
- 4
- …
- 11
- Next Page »