Life With GDPR: Cathay Pacific Enforcement Action
Life With GDPR: Episode 30- British Airways Data Breach Enforcement Action
E18: ICANN Loses First GDPR Court Ruling in Germany
On March 8, 2023, the Data Protection and Digital Information (No. 2) Bill was introduced to the UK Parliament by the Department for Science, Innovation and Technology (DSIT). If enacted, the Bill will make changes to the UK...more
Areas of interest include anonymisation, “recognised legitimate interests”, and the ICO’s role. The UK Data Protection and Digital Information Bill (the Bill) sets out the government’s proposals for reforming the current...more
The bill would largely build on the UK data protection regime’s EU GDPR-style framework, albeit with UK-specific provisions. The UK government introduced the Data Protection and Digital Information Bill (the Bill) to...more
Since the General Data Protection Regulations ("GDPR") came into force in 2018, companies in the United Kingdom (UK) that have suffered cybersecurity attacks often face civil claims from individuals whose data has been...more
The Information Commissioner's Office (ICO) has issued a statement confirming that data protection will not stop the need for businesses to share information quickly, or adapt the way they work to face the unprecedented...more
The decision to appeal a regulatory finding is never taken lightly. By the time a regulator has completed its investigation and notified a company of its intention to fine, the company will have invested significant time and...more
Brexit raises critical issues regarding the future transfer of personal data outside of the EU, not least as to the role of the UK Data Protection Authority, the Information Commissioner’s Office (“ICO”), and as to its...more
A few days ago the UK’s Department for Digital, Culture, Media & Sport introduced the Data Protection Bill 2017 (“the Bill”). Once adopted by the legislature, the Bill will replace the Data Protection Act 1998, which is...more
The UK's Information Commissioner, Elizabeth Denham, has launched a series of blogs designed to “bust some of the myths” which she believes have developed around the EU General Data Protection Regulation (GDPR). Her first...more
Back in 2015, DeepMind, a Google company, signed a deal with the Royal Free NHS Foundation Trust. The deal allowed DeepMind access to 1.6 million patients health information as well as the ability to develop an app called...more
This month the ICO updated its Subject Access Code of Practice, which gives guidance to data controllers on how to respond to subject access requests from data subjects. The Code itself is not legally binding, but provides...more
Last week, the UK’s Information Commissioner’s Office (ICO) published a monetary penalty notice which fined a private healthcare company, HCA International, £200,000 for its failure to keep sensitive data secure....more
Brexit — Keep Calm and Carry On - The Brexit referendum elicited strong feelings amongst “Leavers” and “Remainers”, and will likely continue to do so. In the UK it is generally not as common for co-workers to discuss...more
General Data Protection Regulation Update - As reported in the April Locke Lord Privacy & Cybersecurity Newsletter, the European Parliament gave the final approval to the General Data Protection Regulation (GDPR) on...more