Latest Posts › Cybersecurity

Share:

Morrisons Found Vicariously Liable for a Data Breach Committed by One of its Employees

Following a recent ruling by the High Court against WM Morrisons Supermarket PLC (“Morrisons”), employers may now find themselves vicariously liable for data breaches perpetrated by their employees. In 2014, it was...more

ENISA Publishes Report on Recommendations for Data Protection Certification Mechanisms Under the GDPR

On 27 November 2017, the European Union Agency for Network and Information Security (“ENISA”) published a report on Recommendations on European Data Protection Certification (“Report”). The aim of the Report is to identify...more

CJEU Rules Digital Rights Ireland’s Privacy Shield Invalidation Action Inadmissible

On 22 November 2017, the Court of Justice of the European Union (“CJEU”) gave judgment in a case taken by the not-for-profit company, Digital Rights Ireland Limited (“DRIL”). DRIL sought an annulment of the European...more

Article 29 Working Party Publishes Guidelines on Personal Data Breach Notification

On 3 October 2017, the Article 29 Working Party (“WP29”) published draft guidelines on personal data breach notification (“Guidelines”) under the General Data Protection Regulation 2016/279 (“GDPR”). In this blog, we look at...more

Article 29 Working Party Publishes Guidelines on Automated Individual Decision Making and Profiling

On 17 October 2017, the Article 29 Working Party (“Art 29 WP”) published draft guidelines on automated individual decision-making and profiling (“Guidelines”). In the Guidelines, the Art 29 WP states that profiling and...more

Article 29 Data Protection Working Party Publishes Final Guidelines on Data Protection Impact Assessments

On 4 October 2017, the Article 29 Working Party (“WP29”) released its final guidelines on Data Protection Impact Assessments (“DPIA”), which were initially proposed in draft form in April 2017. Article 35 of the General Data...more

European Commission Publishes First Annual Report on EU-US Privacy Shield

Following our previous blog on the upcoming first annual review of the EU-US Privacy Shield, the European Commission (“Commission”) published its report on 18 October 2017 (“Report”). Overall, the Report confirms that the...more

ICO Publishes Response to Consultation on European Commission’s Implementing Regulation to the NIS Directive

The Information Commissioner, Ms Elizabeth Denham, has published her comments on the European Commission’s consultation on the draft implementing regulation (“Implementing Regulation”) of the Network and Information Security...more

House of Lords Publishes Briefing on Data Protection Bill

The House of Lords Library, which provides research and information services to Members of the House of Lords, has published a briefing on the Data Protection Bill (“Bill”) which sets out an overview of and reactions to the...more

ICO Publishes Draft Guidance on Contracts and Liabilities Under the GDPR

The UK’s Information Commissioner (ICO) has published draft GDPR guidance on contracts and liabilities between controllers and processors. The draft guidance is currently open for consultation,with responses due by 10 October...more

UK Government Publishes Draft of the Data Protection Bill

On 14 September 2017, the Government published the long-awaited draft of the Data Protection Bill (the Bill). The Bill was first announced in the Queen’s Speech on 21 June 2017 (see our previous blog) and will incorporate the...more

ICO Sets the Record Straight on Data Breach Reporting Under the GDPR

The latest in the series of blogs from the UK Information Commissioner’s Office (ICO) looks at some of the myths around data breach reporting under the General Data Protection Regulation (GDPR). Given the misleading press...more

Government Announces Proposals for a New Data Protection Bill

The government has released a Statement of Intent (“the Statement”) for a new Data Protection Bill (“the Bill”). The Bill was originally announced in the Queen’s Speech earlier this year. This Statement provides further...more

UK Government Posts New NIS Directive Consultation Addressing Cybersecurity Threats

The security and reliability of the UK’s IT infrastructure remains a key priority for the government. In August 2017, the Department for Digital, Culture, Media and Sport launched a public consultation on its plans to...more

FCA Guidance On Tackling Cyber Crime

The Financial Conduct Authority recently released guidance regarding cyber resilience (in the form of new webpages) which FCA regulated firms should take account of. While many larger regulated firms have substantial cyber...more

The Queen’s Speech 2017: The Future for UK Data Protection Regulation

The Queen’s Speech was delivered 21 June 2017, setting out the government’s legislative plans. Key proposals from a data protection perspective include: - The introduction of a new Data Protection Bill, which will...more

South Korea Joins APEC’s Cross Border Privacy Rules system

This week, it was officially announced that South Korea has become the fifth country to join the Asia-Pacific Economic Cooperation’s (APEC) Cross Border Privacy Rules (CBPR) system. This system was developed by APEC in 2011...more

UK Government Publishes Digital Strategy to Create and Support a Secure and Thriving Data Economy

On 1 March 2017, the UK government published its Digital Strategy (“Strategy”) for a “world-leading digital economy that works for everyone.”. The Strategy contains a number of statements that bring some certainty to the...more

NIS Directive to be Implemented in UK Despite Brexit

In January, the UK government confirmed that it will be implementing the EU’s Network and Information Security Directive (NIS Directive) regardless of Brexit. EU countries have until 9 May 2018 to implement the Directive into...more

Trump Executive Order Spooks Privacy Shield Adherents and Privacy Community

Data protection and privacy officials and interest groups across the globe produced a flurry of activity on social media this week. Countless tweets, blogs and articles have responded to President Trump’s executive order...more

The New Cybersecurity Law of China: What does it Mean for the International Market?

On 7 November, the government of the People’s Republic of China passed the much-anticipated Cyber Security Law of China, which will come into force 1 June 2017. After first and second drafts were put out for public...more

Company Bosses Can No Longer Dodge Nuisance Call Fines

In an ongoing effort to tackle nuisance calls, the UK government has signalled its intention to make company directors directly liable for breaches of the Privacy and Electronic Communications Regulations (PERC) carried out...more

FCA and G7 issue cybersecurity guidelines for the financial sector

In its speech at the FT Cyber Security Summit, the FCA has outlined its approach to cybersecurity in financial services firms. In addition to this, the Group of 7 (“G7”) has issued an 8-point framework for the financial...more

In the age of Big Data, the EDPS issues an Opinion on enforcement and upholding fundamental rights

The European Data Protection Supervisor (“EDPS”) issued an Opinion on coherent enforcement of fundamental rights in the age of big data”. This is an update to the EDPS’ Preliminary Opinion in 2014 on “Privacy and...more

The Effect of Brexit on Cyber Security: A National Response to an International Threat?

As the risk of cyber attacks respects no borders, a cohesive and harmonised EU-level approach to cyber security is appropriate. It is therefore understandable that UK organisations have questions following the recent...more

47 Results
/
View per page
Page: of 2

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.