In the latest episode of the award winning Life with GDPR podcast Jonathan Armstrong chats with Tom Fox about the role of the Data Protection Officer (DPO) under GDPR. The role of the DPO has been under scrutiny recently with a new initiative to look across the EU at this area of GDPR and a Read more »
Client Alert: UK EU Law (Revocation & Reform) Bill Update
Introduction In September 2022 the UK government introduced the “Retained EU Law (Revocation and Reform) Bill” (“the Bill”) which aims at amending, repealing or replacing retained EU law that, in the government’s view, “is no longer fit for the UK”. A revised version of the Bill was then issued in January 2023 (which we reported Read more »
French Cyberattack Insurance Payment Conditional Upon 72-Hour Reporting
What’s this about? Cyberattacks continue unabated, including ransomware ones. As you’re no doubt aware, a ransomware attack uses malware that encrypts or otherwise restricts access to computers, systems or data by exploiting system vulnerabilities. The attackers demand that the victim pays money (usually in cryptocurrency such as Bitcoin or Monero) to receive the decryption key Read more »
UK Government Puts Forward Revised Data Protection Reform Bill
Introduction Last year the United Kingdom government introduced a legislative proposal to change the UK privacy/data protection regime (which essentially consists of UK GDPR, PECR [E-Privacy rules] and the Data Protection Act 2018). Parliamentary work on this draft legislation was then put on hold and the UK government has now “reintroduced” the draft legislation, with Read more »
Client Alert: European Court clarifies conflicts between eDiscovery and GDPR
We first reported on this case on 3 March 2023 and have updated this note as more information has come to light. Introduction On 02 March 2023, the EU Court of Justice (ECJ) handed down judgment in a much awaited case – Norra Stockholm Bygg AB – looking at the conflicts between eDiscovery (also called Read more »
Everything Compliance – Episode 113 The ReplikaAI Edition
In this episode of Everything Compliance, Jonathan Armstrong looks at ReplikaAI and why it is in hot water in Italy over its chatbot. Jonathan also joins in a discussion on what this might mean for ChatGPT and he tells the tale of an AI user who speaks about the personal affects for her of her Read more »
Latest UK Russia Sanctions Developments
What’s this about? The UK sanctions regime on Russian individuals and entities under the UK sanctions regime with regard to the war in Ukraine has continued to develop; for more about how the UK sanctions regime works see the What is the UK sanctions regime? section of our article here https://www.corderycompliance.com/add65uksanctions/. This article sets out Read more »
Advocate General Opinions on EU GDPR Subject Access Requests – The Scope Of: Access To Whom Personal Data Has Been Disclosed & Obtaining Copies Of Personal Data
What’s this about? Two Advocate General Opinions were issued from the European Court of Justice (“the European Court”) not so long ago, essentially about the scope of access to recipients to whom personal data has been disclosed and obtaining copies of personal data following Subject Access Requests (“SARs”) under the EU General Data Protection Regulation Read more »
Client Alert: Russian Ransomware Gangs Sanctioned
Introduction Last week seven Russian individuals linked to the Conti ransomware gang were sanctioned by the UK and the US. Whilst the US has sanctioned individuals and companies involved in ransomware before, this is the first time that the UK has done so. Sanctioning the gang means that paying ransomware demands gets all the more Read more »
European Court Ruling – A Data Protection Officer Can Be Dismissed If There Is Just Cause
What’s this about? The EU General Data Protection Regulation (EU GDPR) mandates the appointment of a Data Protection Officer (DPO) by an organization in certain circumstances. EU GDPR also sets out the DPO’s core responsibilities and tasks and prescribes that a DPO must act independently and cannot be dismissed or penalised (by the data controller Read more »
- 1
- 2
- 3
- …
- 58
- Next Page »