Data protection
Data protection officers WP29: guidelines
When the GDPR comes into force in May 2018, it will be mandatory for certain data controllers and processors to designate a Data Protection Offcer (DPO).
Read moreData protection - The right to data portability: WP29 guidelines
WP29 has published guidelines on the interpretation and implementation of the right to data portability under Article 20 of the General Data Protection Regulation.
Read moreData protection: the new ePrivacy Regulation
The EU Commission has published its proposal for a new ePrivacy Regulation.
Read moreNuisance calls
From Spring 2017, directors can each be fined up to £500,000 by the Information Commissioner's Office (ICO) if their firms are found to be in breach of the Privacy and Electronic Communications Regulations (the Regulations) by making nuisance calls.
Read moreInvestigatory Powers Act: Royal assent
On 29 November 2016, the Queen gave royal assent to the Investigatory Powers Bill, marking the end of the controversial bill’s passage into law.
Read moreTalkTalk: how quickly must you notify a personal data breach?
How quickly must you notify the ICO following notification of a personal data breach? And what lessons can be learned from the tight timescales currently imposed on communications providers as all businesses head towards 72 hour data breach notification under the GDPR?
Read moreTalkTalk: ICO issues record fine
The ICO has issued a record £400,000 fine to TalkTalk for failing to keep personal data secure in breach of the Data Protection Act 1998 (DPA).
Read moreNew ICO Code on Privacy Notices Transparency and Control
The Information Commissioner’s Office (ICO) has recently issued a new Code of Practice on Privacy Notices, Transparency and Control (the Code).
Read moreData protection: US privacy shield
The EU published the draft text of the much-anticipated “Privacy Shield” deal on 29 February. This was amended following criticisms and the revised text was formally adopted by the European Commission on 12 July 2016. Companies have been able to certify with the US Department of Commerce since 1 August 2016.
Read moreData protection: Bangura v Loughborough University [2016] EWCH 1503 (QB)
Can an organisation’s breach of its data protection policy give rise to a claim under the Data Protection Act 1998 (the DPA) and/or a breach of contract claim?
Read more