Calum Docherty

Calum Docherty

Latham & Watkins LLP

Contact
View Bio
RSS

Latest Posts › Data Controller

Share:

Kingdom of Saudi Arabia Issues New Data Transfer Risk Assessment Guidelines

The guidelines specify the requirements for data controllers to conduct risk assessments related to the transfer or disclosure of personal data outside the Kingdom. ...more

3/24/2025  /  Data Controller , Data Privacy , Data Protection , Data Security , EU , General Data Protection Regulation (GDPR) , Information Commissioner's Office (ICO) , International Data Transfers , National Security , Personal Data , Regulatory Requirements , Risk Assessment , Risk Management , Saudi Arabia , UK

EDPB Issues Guidelines on Processing Personal Data for Legitimate Interests Purposes

The draft guidelines provide further clarification to the EDPB’s interpretation of legitimate interests, and suggest a potential divergence with the UK ICO....more

11/25/2024  /  Court of Justice of the European Union (CJEU) , Data Controller , Data Processors , Draft Guidance , EU , European Data Protection Board (EDPB) , General Data Protection Regulation (GDPR) , Information Commissioner's Office (ICO) , Marketing , Multi-Factor Test , Personal Data , UK

CJEU Sets High Bar for Responses to Data Subject Access Requests

Organisations must provide individuals with information on the specific recipients of their data upon request. The Court of Justice of the European Union (CJEU) has ruled that organisations must generally disclose the...more

5/5/2023  /  Court of Justice of the European Union (CJEU) , Data Controller , Data Subject Access Requests , Data Subjects Rights , Data-Sharing , EU , General Data Protection Regulation (GDPR) , Information Requests , Personal Data , UK GDPR

UK Data Protection Bill: Examination of Key Provisions (Part 2)

Areas of interest include anonymisation, “recognised legitimate interests”, and the ICO’s role. The UK Data Protection and Digital Information Bill (the Bill) sets out the government’s proposals for reforming the current...more

8/19/2022  /  Anonymization , Compliance , Data Controller , Data Processors , Data Protection , Data Security , Electronic Communications , European Data Protection Board (EDPB) , General Data Protection Regulation (GDPR) , Information Commissioner's Office (ICO) , Personal Data , Proposed Legislation , UK , UK Data Protection Act

UK Supreme Court Clarifies Position on Vicarious Liability for Data Breaches

Judgment offers some comfort for data controllers, without eliminating the possibility of vicarious liability based on an employee’s actions. The UK Supreme Court (UKSC) has ruled that WM Morrisons Supermarkets plc...more

4/10/2020  /  Data Breach , Data Controller , Personally Identifiable Information , UK , UK Supreme Court , Vicarious Liability

The Countdown Continues: One Year to the GDPR

The General Data Protection Regulation (GDPR or Regulation) will become applicable in one year, as of May 25, 2018. A lot has happened since we set out the key provisions of the Regulation last year....more

5/26/2017  /  Article 29 Working Party (WP29) , Data Controller , Data Processors , EU , General Data Protection Regulation (GDPR) , Personal Data , UK
6 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide