Introduction The European Data Protection Board (‘EDPB’) recently issued guidelines that revise the previous EU WP29 guidelines about consent under GDPR entitled ‘Guidelines 05/2020 on consent under Regulation 2016/679’ (‘the guidelines’). This article looks at the key revision clarifications, which concern ‘freely given consent’ and ‘cookie walls’, and ‘scrolling/swiping’. What’s this all about? Under GDPR Read more »
Search Results for: glossary
UK High Court Ruling about School Letter Privacy Infringements
Introduction In the fairly recent case of ST (a minor) & RT v the L Primary School, the UK High Court ruled that a letter sent by a school to parents aimed at reassuring them about the behaviour of one of its pupils infringed various privacy rules, including data protection legislation. This article sets out Read more »
Belgian Regulator Imposes Euro 50,000 Fine for Non-Compliance with Data Protection Officer GDPR Requirements
Introduction Under the EU General Data Protection Regulation (“GDPR”), where certain conditions are met it is mandatory for an organisation to designate a Data Protection Officer (“DPO”). GDPR also sets out a number of conditions for the DPO’s appointment concerning their role and tasks. These include the requirement that whilst a DPO can fulfil other Read more »
Client Alert: BA & Marriott Data Breaches ICO Fines Finalisation Now Expected August-September 2020
Introduction In the summer of 2019 the UK’s data protection regulator the ICO announced its intention to fine the airline British Airways (BA) £183.39 million (around $225 million) and the hotel group Marriott International (Marriott) £99.2 million (around $122 million) for respective data breaches. Although this process was expected to have been completed a few Read more »
Client Alert: UK Supreme Court Rules UK Government Data Transfer Infringed Data Protection Rules
Introduction In the recent case of Elgizouli v Secretary of State for the Home Department, the UK’s Supreme Court ruled that the UK government infringed the UK Data Protection Act 2018 (‘the DPA 2018’) with regard to law enforcement data transfer made in that matter to the US. This article sets out the highlights of Read more »
Client Alert: ICO issues regulatory approach to data protection and COVID-19
Introduction The UK’s Information Commissioner’s Office (ICO) has just released new guidance about its regulatory approach to COVID-19. This article sets out the highlights. What’s this all about? In light of challenges faced by organisations because of COVID-19, the ICO has issued a statement entitled ‘How we will regulate during coronavirus’ (‘the statement’) accompanied by Read more »
Client Alert: UK Court Judgment on Verbal Disclosure under Data Protection Rules (Scott v LGBT Foundation)
Introduction The UK High Court recently ruled that oral disclosures (in this case provided during a telephone call) do not qualify as ‘data’, for the purposes of processing of personal data, and consequently do not fall within the scope of data protection rules. This article is a summary about the case and its possible implications. Read more »
Client Alert: UK Supreme Court ruling in Morrisons vicarious liability case
Introduction Today the UK’s Supreme Court gave an important ruling in the Morrisons case concerning whether employees could succeed in getting financial compensation after a data breach caused by one of Morrisons’ employees. Whilst the Supreme Court ruled that an employer can be legally responsible (under the principle of ‘vicarious liability’) for data breaches caused Read more »
Client Alert: UK Court of Appeal ruling in Dawson-Damer Taylor Wessing case on ‘relevant filing system’
Introduction Data protection rules (including GDPR and the UK Data Protection Act 2018) allow for individuals to make so-called “Subject Access Requests” (SARs) where they can seek to obtain information about the personal data held about them by organizations or individuals and certain other related information including about how that data is processed, to which Read more »
Client Alert: UK Court of Appeal ruling in Dawson-Damer Taylor Wessing case on ‘relevant filing system’
Introduction Data protection rules (including GDPR and the UK Data Protection Act 2018) allow for individuals to make so-called “Subject Access Requests” (SARs) where they can seek to obtain information about the personal data held about them by organizations or individuals and certain other related information including about how that data is processed, to which Read more »
- « Previous Page
- 1
- …
- 3
- 4
- 5
- 6
- 7
- …
- 11
- Next Page »