News & Analysis as of

Information Commissioner's Office

Meritas Data Protection & Privacy The GDPR - new data governance obligations on businesses

Let’s start with the good news. The current obligation to register with the national data protection authority will be abolished. Along with the fines and criminal offences of failing to do so. In its place, the...more

UK ICO Publishes Discussion Paper on Profiling and Automated Decision-Making under GDPR

by WilmerHale on

The UK Information Commissioner’s Office (ICO) continues to play an active role in shaping data protection law in the EU, notwithstanding the UK’s decision to leave the EU in the aftermath of Brexit. On April 6, 2017, the ICO...more

‘Once in a Generation’ Legislative Changes: the ICO’s Strategy for GDPR Challenges

by Reed Smith on

Information Commissioner Elizabeth Denham has recently given some valuable insights into the Information Commissioner’s Office’s (ICO) General Data Protection Regulation (“GDPR”) strategy. Addressing the House of Lords EU...more

UK ICO Requests Input for Guidance on GDPR Profiling Requirements

by Hogan Lovells on

The UK ICO has published what it describes as a feedback request on profiling and automated decision-making, with the intention that responses will “help inform the UK’s contribution to the WP29 guidelines due to be published...more

Man vs. Machine: the ICO Provides Guidance On Use of Big Data

by Reed Smith on

As the European data protection framework evolves, big data remains a hot topic. Often, what makes up these large data sets is personal data, so it has clear data protection implications. The Information Commissioner’s...more

ICO request feedback on profiling and automated decision-making

by Dentons on

The ICO has published a request for feedback on the GDPR rules on profiling and automated decision making. They say it’s not guidance and just initial thoughts but we think it is a good steer on what the ICO thinks are the...more

The dangers of direct marketing: Seeking consent or asking for trouble?

by White & Case LLP on

The UK Information Commissioner's Office has issued fines to two businesses for unlawfully sending emails to individuals to ask about their marketing preferences. These cases emphasise the fact that "marketing" in this...more

ICO Issues Fine for Marketing Emails Disguised as Service Messages

by Hogan Lovells on

The Information Commissioner’s Office (ICO) has issued a £70,000 fine against Flybe and a £13,000 fine against Honda Motor Europe Ltd for breaching Regulation 22 of the Privacy and Electronic Communications Regulations (PECR)...more

UK Privacy Regulator Addresses Data Protection Under The GDPR

by King & Spalding on

On Monday, March 6, 2017, the UK’s Information Commissioner’s Office (“ICO”) held its annual Data Protection Practitioners’ Conference. During the conference, Information Commissioner Elizabeth Denham, who was appointed to...more

United Kingdom Privacy Office Issues Guidance on Consent Under GDPR

by Ballard Spahr LLP on

The EU General Data Protection Regulation (GDPR), which takes effect in May 2018, will require companies to reassess their mechanisms for obtaining, tracking, and verifying individuals' consent. Companies will need clear and...more

ICO Seeks Extra Resources for GDPR Enforcement

by Alston & Bird on

On March 13, 2017, Elizabeth Denham, head of the UK data protection authority (“ICO”) publicly expressed her intention to massively recruit new personnel in an effort to be ready for the European (“EU”) general data...more

UK ICO Publishes Guidance on Consent Under GDPR

by Hogan Lovells on

The UK Information Commissioner’s Office has just published draft guidance on consent under GDPR. This is an interesting move given that the Article 29 Working Party has promised guidance on the same topic later this year,...more

Health Company Fined by UK’s Information Commissioner Office

by Hogan Lovells on

Last week, the UK’s Information Commissioner’s Office (ICO) published a monetary penalty notice which fined a private healthcare company, HCA International, £200,000 for its failure to keep sensitive data secure....more

UK Launches Public Consultation on GDPR Consent Guidance

by Alston & Bird on

The General Data Protection Regulation (GDPR) will come into force on 25 May 2018, replacing UK’s Data Protection Act 1998 (DPA). It is yet unclear how Brexit will play out, yet in the meantime the United Kingdom is moving to...more

ICO Turns Spotlight on Data Broker Industry

by Hogan Lovells on

Data brokers are organisations that obtain data from a variety of sources and then sell or license it to third parties. Many trade in personal data, which is purchased by their customers for several purposes, most commonly to...more

UK Reaffirms Commitment to GDPR while ICO Increases its International Focus

by Reed Smith on

At the beginning of February, the Minister of State responsible for digital and culture policy, Matt Hancock, reaffirmed the UK’s commitment to implementing legislation mirroring the General Data Protection Regulation (GDPR),...more

Article 29 Working Party Adopts its 2017 Action Plan

by Reed Smith on

In early January, the Article 29 Working Party (WP29) adopted its 2017 Action Plan (Action Plan) on the implementation of the General Data Protection Regulation (GDPR). Amongst the actions proposed, the Action Plan...more

“Do As I Say, Not As I Do”: A Business Specialising in Blocking Unsolicited Marketing Calls is Fined for Making Unsolicited...

by Reed Smith on

It is difficult to miss the irony of the ICO’s first-awarded fine for nuisance calls since taking over the Telephone Preference Service (TPS), as reported in our earlier blog in December. IT Protect Ltd., a Bognor Regis...more

Cold but exhilarating in Davos

by Hogan Lovells on

We're just back from our second visit to the Davos 'fringe' with Innovate Finance and several FinTech momentum players. Numerous events and discussions on a wide range of topics take place alongside the main World Economic...more

ICO to Assume Telephone Preference Service Responsibility

by Reed Smith on

Effective 30 December 2016, the Information Commissioner’s Office (‘ICO’) will be responsible for recording and maintaining the Telephone Preference Service (‘TPS’) register. The TPS is a free service offered to the...more

Businesses can refuse Subject Access Requests made for the dominant purpose of litigation

by White & Case LLP on

The High Court has ruled that a business that receives a Subject Access Request ("SAR") can refuse to disclose the requested information in some cases, if the dominant purpose of the SAR is litigation. This appears to mark a...more

UK ICO Issues New Guidance on Privacy Notices

by Locke Lord LLP on

The UK’s Information Commissioner’s Office (ICO), the independent authority responsible for the enforcement of the Data Protection Act 1998 (DPA), has issued a revised code of practice (the Code) on communicating privacy...more

Company Bosses Can No Longer Dodge Nuisance Call Fines

by Reed Smith on

In an ongoing effort to tackle nuisance calls, the UK government has signalled its intention to make company directors directly liable for breaches of the Privacy and Electronic Communications Regulations (PERC) carried out...more

UK to implement GDPR regardless of Brexit

by White & Case LLP on

The UK government has confirmed that it will implement the EU General Data Protection Regulation, notwithstanding the UK's decision to leave the EU. This announcement confirms that UK businesses will need to become GDPR...more

The Subject Access Request That Led to a Security Breach, or Why Having a System to Respond to Access Requests Is Essential

by Reed Smith on

In August, the UK’s data protection regulator, the ICO, fined a Hertfordshire GP practice £40,000 under the Data Protection Act 1998 (“DPA”) after a subject access request (“SAR”) went badly wrong. A lack of process, training...more

98 Results
|
View per page
Page: of 4
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
Feedback? Tell us what you think of the new jdsupra.com!