Areas of interest include anonymisation, “recognised legitimate interests”, and the ICO’s role. The UK Data Protection and Digital Information Bill (the Bill) sets out the government’s proposals for reforming the current...more
FTC Publishes Advance Notice of Proposed Rulemaking on Commercial Surveillance and Data Security - Concerned that companies use secret surveillance practices to collect “vast troves” of consumer information, the Federal...more
Since the introduction of the Data Protection Act (the “DPA”) in 2017, there has been a steady increase in the number of data protection breaches that have been reported to the Office of the Ombudsman . It is expected that...more
On 9 July 2021, the Data Protection Act, 2021 (the DPA) came into force in the British Virgin Islands (the BVI).The DPA applies to all BVI companies, limited partnerships and other entities that process, have control over or...more
Following the outbreak of COVID-19 and its development into a global pandemic, organisations have been implementing exceptional measures to safeguard employees, customers and others against the health threat that is being...more
An employer was held by the Court of Appeal to be vicariously liable for a rogue employee’s deliberate and criminal disclosure of the personal data of other employees. This was despite the employee’s aim being to harm the...more
UK supermarket chain Morrisons has been held vicariously liable for the acts of a malicious employee in the UK’s first data leak class action. The issue began in 2014, when a disgruntled Morrison’s internal IT auditor posted...more
The FCA has published its final “guidance for firms outsourcing to the cloud and other 3rd-party IT services“. The guidance is generic in two senses: it “aims to help firms and service providers understand [the FCA’s]...more