The ICO has welcomed a change in legislation which came into effect on 1 February 2015 enabling it to audit National Health Service (NHS) bodies to check for compliance with the UK Data Protection Act 1998. ...more
Welcome to our 2014 edition of UK Legal Highlights. This publication is a reminder of some of the most important and significant developments DLA Piper reported in 2014, along with some forthcoming developments to look out...more
In parts one and two of this series summarizing data protection law in the United Kingdom, we looked at the data protection principles to which employers must adhere in relation to obtaining, holding, or disposing of personal...more
The European Court of Justice’s decision in the Google case that it was required to remove links to “outdated” or “irrelevant” information about an individual has brought EU data privacy laws to the forefront of public...more
As the next in our series of “back to privacy basics”, we look at the rules regarding privacy governance.
As we will do throughout this series, we take a look at the current position and what is best practice for an...more
UK: London's IP anti-crime unit shuts down leading sports file sharing site -
The City of London’s Police Intellectual Property Crime Unit has successfully shut down the Sports Torrent Network, a leading sports...more
Over the next few weeks we will be going back to data privacy basics in our eight part “Europe under Review” blog series. We will be comparing current data privacy laws and best practice in the UK with the proposed new state...more
Recent surveys have shown that companies of all sizes are optimistic about their ability to expand and create jobs in 2014. With business confidence said to be at its highest since 1994, now is a good time for employers to...more
Dealing with a subject access request (SAR), whether or not the person making the request is an employee, can be very time consuming. The Information Commissioner’s Office (ICO) issued a Code of Practice in August 2013 on...more
A judgment recently handed down from the High Court clarifies the obligations of liquidators under the Data Protection Act 1998, providing them with greater personal protection from fines or other sanctions.
Last month, the UK Information Commissioner’s Office (UK ICO) published guidance on the application of the Data Protection Act 1998 (UK DPA) to social networking sites and online forums....more
On January 24, 2013, the UK Data Protection Watchdog — the UK Information Commissioner's Office (ICO) — fined Sony Computer Entertainment Europe Limited £250,000 (about $400,000) for its alleged failure to implement...more
On 24 January 2013, the UK Information Commissioner’s Office (ICO) served Sony Computer Entertainment Europe Limited (“Sony”) with a monetary penalty of £250,000 following a serious breach of data security...more
The UK Information Commissioner’s Office (ICO) has fined Sony £250,000 for the widely publicized 2011 security breach during which hackers gained access to personal data (including credit card information) of over 77 million...more
The much-anticipated Leveson Inquiry on the Culture, Practices and Ethics of the Press (“Leveson Report” or “Report”) was released on November 29, 2012. The inquiry leading to the Report was initiated as a response to ongoing...more
The UK Data Protection Act 1998 (“DPA”) imposes various restrictions on “data controllers”, such as employers, when “processing” personal data relating to individuals. In particular, employers must comply with eight data...more
New guidance defines when electronically held personal data is "beyond use" once deleted.
As part of its mission to assist companies to understand and fulfil their obligations under the UK's Data Protection Act 1998...more
On 16 August 2012, the ICO published guidance on deleting personal data under the Data Protection Act 1998 (DPA). The guidance describes how organisations can ensure compliance with the DPA when they delete or archive...more
Back to Top