Life With GDPR: Cathay Pacific Enforcement Action
Life With GDPR: Episode 30- British Airways Data Breach Enforcement Action
E18: ICANN Loses First GDPR Court Ruling in Germany
Two new United Kingdom (“UK”) data transfer mechanisms, the International Data Transfer Agreement (“IDTA”) and the International Data Transfer Addendum (“UK Addendum”) to the European Union’s (“EU”) new standard contractual...more
The UK has left the European Union (EU), the transition period is over, the UK and EU have agreed a new Trade and Cooperation Agreement (the TCA), so what now for data protection? We look at the key consequences of Brexit for...more
With the UK now unambiguously out of the EU, the EU General Data Protection Regulation (2016/679) (“EU GDPR”) has been replaced by the United Kingdom General Data Protection Regulation (“UK GDPR”). In this third instalment of...more
13 January 2021 – EU supervisory authorities response to UK cross-border transfers - Following the finalisation of the TCA, a number of supervisory authorities in the EU issued statements in response. In addition, on 13...more
The end of the Brexit transition period on 31 December 2020 means the UK now has full autonomy over its data protection policies. As of 1 January 2021 the UK is recognised as a ‘third country’ under EU General Data Protection...more
With the end of the Brexit transition period rapidly approaching and the United Kingdom (UK) poised to become a “third country” after it leaves the European Union (EU), the UK and the EU have yet to reach any “deal” on how...more
Tell me more – ICO publishes detailed subject access guidance - The ICO has published detailed guidance for handling subject access requests. This is relevant to employers responding to subject access requests from...more
Now that Exit Day on 31st January is drawing close attention is focussing on what will happen during the transition period that will run from 31St January until the end of the year. ...more
BREXIT: DEAL OR NO-DEAL? DATA IS THE QUESTION - With the Brexit deadline looming ahead on 31 October 2019, the situation seemingly reaches new levels of uncertainty every day. Last week, the U.K. Supreme Court’s eleven...more
The Situation: The United Kingdom is due to leave the European Union ("EU") on 31 October 2019. Negotiations between member states of the EU excluding the United Kingdom ("EU27") and the United Kingdom are ongoing, but it is...more
If your company holds or collects data in the US, the UK and elsewhere in the EU, you should be mapping out how data flows through those jurisdictions in anticipation of the UK “crashing out” of the European Union in October,...more
The UK Supervisory Authority (the ICO) has had a headline-busting month. On July 9, 2019, the ICO announced its intention to fine Marriott International more than £99 million under the GDPR (General Data Protection...more
Companies should identify data flows, implement a data transfer solution, and update internal documents and privacy notices. Since our blog on “What a “No Deal” Brexit Means for UK Data Privacy”, the European Data...more
In an ironic twist, the British Information Commissioner’s Office (ICO) recently fined a Brexit advocacy group for violating regulations issued under an EU directive. The fines, totaling £120,000, were levied against...more
With a “No Deal” Brexit seeming more likely than ever after the UK Parliament voted down a proposed deal in January 2019, concerns are rapidly multiplying about the effects of such a withdrawal from the EU for organizations...more
The General Data Protection Regulation (GDPR) imposes strict obligations upon organizations that process the “personal data” of European individuals. Failure to comply with GDPR can result in large fines. The UK’s Information...more
On March 13, 2017, Elizabeth Denham, head of the UK data protection authority (“ICO”) publicly expressed her intention to massively recruit new personnel in an effort to be ready for the European (“EU”) general data...more
According to Theresa May, the UK’s recently installed prime minister, Brexit means Brexit. But what this actually means in practice is still unknown. There is still a huge amount of debate over what Brexit will look like,...more
The UK’s new Prime Minister Theresa May has said: “The country voted to leave the European Union, and as prime minister I will make sure that we leave the European Union.” That seems like a clear statement, but the...more
Despite the potential Brexit, the long awaited General Data Protection Regulation (GDPR) which is due to come into force on May 25, 2018 remains relevant to the UK, as the UK is highly likely to still be a member state of the...more
While we wait to see what the BREXIT result will mean for the UK’s data protection regime, it is important to recognize that the result will not change anything immediately. The exact nature of the post-BREXIT UK-EU...more
In immediate response to the outcome of the recent referendum in the United Kingdom (UK) to leave the European Union (EU), the UK’s data protection regulator, the Information Commissioner’s Office (ICO) released the following...more
The people of the UK have voted to leave the European Union and at the moment it is fair to say that the only certainty is uncertainty for the foreseeable future. However, when it comes to data protection - there really is...more
US companies and policy makers will no doubt spend a good chunk of the day today considering the possible implications for them of yesterday’s UK vote for Brexit. Mark Carney, Governor of the Bank of England, has issued a...more