UK Data Protection Act

News & Analysis as of

How the General Data Protection Regulation Will Apply to and Affect the UK

The GDPR will apply to the UK when it is effective on May 25, 2018, but the government will need to adopt domestic data privacy legislation upon the UK’s pending exit from the EU....more

Subject Access Requests: "not an obligation to leave no stone unturned"

The English Court of Appeal has ruled in two recent cases that subject access requests are generally valid, and businesses must comply with such requests, even if they are made for collateral purposes, such as collecting...more

Defamation and data protection claims can be brought in parallel

The English Court of Appeal has confirmed in a recent case that data protection claims may be brought hand-in-hand with defamation claims. The case provides a reminder to businesses that the use of data protection as a weapon...more

Employment News - March 2017 #2

Don't ask, don't get – data subject access requests and litigation - The Court of Appeal has provided further guidance on responding to data subject access requests made in the context of litigation – in this case...more

Health Company Fined by UK’s Information Commissioner Office

Last week, the UK’s Information Commissioner’s Office (ICO) published a monetary penalty notice which fined a private healthcare company, HCA International, £200,000 for its failure to keep sensitive data secure....more

A Sea Change for Beneficiaries' Right to Information?

The Court of Appeal’s ruling in Dawson-Damer v Taylor Wessing offers beneficiaries rights of access to personal data held by trustees and their legal advisers. This is a landmark case in which our clients, the claimants,...more

Subject Access Requests in the UK - An Update

This OnPoint reports on the Court of Appeal judgment in Dawson-Damer & Ors v Taylor Wessing LLP, handed down on 16 February 2017, which addresses two key aspects of the legislation enabling individuals to lodge subject access...more

Privileged information is generally safe from Subject Access Requests

Subject Access Requests ("SARs") are an increasingly popular weapon in litigation, because they can be used to provide a cheap and quick form of pre-action disclosure. However, courts have confirmed that information subject...more

The Top Ten Things You Should Know About UK Employment Law

What 2016 lacked in employment law changes, it made up with political surprises (Brexit) and sweeping data protection changes (the GDPR). Due to these dynamic changes and in anticipation of what lies ahead, our UK employment...more

Employees' personal information must not be used unlawfully by employers

The case of Brown v. Commissioner of Police for the Metropolis is a reminder to employers that it is unlawful to use employees' personal information for anything other than its intended purpose....more

Disclosing personal data – new protections for regulated sector firms?

New protections are being proposed in the UK to allow regulated sector firms to share information regarding suspicions relating to money laundering and terrorist financing, in circumstances where law enforcement has been...more

Data subject access request cannot be used to circumvent CPR disclosure regime

Where a data subject access request (DSAR) is made relating to "mixed data" (ie data within a document containing the data of individuals other than the data subject) there must be a careful balancing exercise between the...more

Taking "Subject Access Requests" Seriously in the UK

Under section 7 of the Data Protection Act 1998 (DPA) employees are entitled to make a data “subject access request” (SAR) in order to obtain copies of the personal data held about them by their employer and certain other...more

ICO Reminds Organisations of EU-U.S. Personal Data Transfer Obligations

The Interim Deputy Commissioner at the Information Commissioner’s Office (“ICO”), Steve Wood, has published a blog reminding organisations of their obligations when transferring personal data to the United States, pursuant to...more

Employment Law Briefing

Brexit — Keep Calm and Carry On - The Brexit referendum elicited strong feelings amongst “Leavers” and “Remainers”, and will likely continue to do so. In the UK it is generally not as common for co-workers to discuss...more

High Court Permits University’s Contravention of Its Own Privacy Policy

The High Court in Bangura v Loughborough University [2016] EWHC 1503 (QB) ruled 19 May that Loughborough University acted lawfully under the Data Protection Act 1998 (“DPA”) in supplying Leicestershire Police with the...more

A Month in UK Employment Law - August 2016

News & Legislation Update - The UK votes to leave the EU - We could not write a roundup of news stories from the UK without referencing the UK's vote to leave the EU. The so-called "Brexit" has created...more

Unlocking the EU General Data Protection Regulation: A practical handbook on the EU's new data protection law: Chapter 18:...

Why does this topic matter to organisations? From the GDPR Effective Date, the GDPR will be the main instrument governing EU data protection law across all Member States. The Directive, which is almost 20 years old, will...more

Impact of Brexit on UK FinTech

In this insight we consider the current and potential effect of Brexit on the UK’s FinTech industry across areas including regulation and passporting, data sharing, anti-money laundering, human capital, the role of banks,...more

BREXIT: Data Protection

This Brexit Bite assesses the post-Brexit landscape with respect to the UK’s data protection laws. It is important to remember that the UK remains a member of the European Union until the terms of its withdrawal have been...more

The European, Middle Eastern and African Investigations Review 2016: United Kingdom: handling internal investigations

With so much potentially at stake, the initial steps and strategic decisions taken in any company investigation are critical to setting the tone for a focused, credible and effective inquiry. This is paramount not only for...more

Blog: FCA publishes guidance for firms outsourcing to the cloud and 3rd-party IT service providers

The FCA has published its final “guidance for firms outsourcing to the cloud and other 3rd-party IT services“. The guidance is generic in two senses: it “aims to help firms and service providers understand [the FCA’s]...more

Privacy & Cybersecurity Newsletter: July 2016

General Data Protection Regulation Update - As reported in the April Locke Lord Privacy & Cybersecurity Newsletter, the European Parliament gave the final approval to the General Data Protection Regulation (GDPR) on...more

What Brexit Means for Data Protection

For global pharmaceutical and medical device companies handling personal data in the European Union (EU) or engaged in transatlantic data transfers, some of the many questions created by the Brexit vote include what its...more

UK Data Privacy Laws in a Post-Brexit World

Following the United Kingdom’s nonbinding vote to leave the European Union (“Brexit”), what do businesses need to consider for data privacy compliance?...more

62 Results
|
View per page
Page: of 3
Cybersecurity

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×