News & Analysis as of

UK Data Protection Act

Brexit and Data Protection: The UK Government's New Data Protection Bill

by WilmerHale on

The UK government has taken an additional step in its attempts to find a way to ensure uninterrupted data flows between the UK and the EU after Brexit. On 13 September 2017, the UK government introduced a draft Data...more

UK Introduces Draft Data Protection Bill

by Alston & Bird on

A few days ago the UK’s Department for Digital, Culture, Media & Sport introduced the Data Protection Bill 2017 (“the Bill”). Once adopted by the legislature, the Bill will replace the Data Protection Act 1998, which is...more

UK Government Publishes Draft of the Data Protection Bill

by Reed Smith on

On 14 September 2017, the Government published the long-awaited draft of the Data Protection Bill (the Bill). The Bill was first announced in the Queen’s Speech on 21 June 2017 (see our previous blog) and will incorporate the...more

Employee privacy and monitoring

by Dechert LLP on

The Grand Chamber of the European Court of Human Rights (ECtHR) held in Barbulescu v Romania (Application no. 61496/08) last week that there was a breach of the right to privacy where an employer searched the contents of an...more

Consent under the General Data Protection Regulation: what are the alternatives for employers?

by Dechert LLP on

The UK's Information Commissioner, Elizabeth Denham, has launched a series of blogs designed to “bust some of the myths” which she believes have developed around the EU General Data Protection Regulation (GDPR). Her first...more

Government Announces Proposals for a New Data Protection Bill

by Reed Smith on

The government has released a Statement of Intent (“the Statement”) for a new Data Protection Bill (“the Bill”). The Bill was originally announced in the Queen’s Speech earlier this year. This Statement provides further...more

UK Will Soon Introduce a New Data Protection Bill

by Alston & Bird on

The UK Department for Culture, Media & Sport is planning to present a new Data Protection Bill to the Parliament in early September. This new Bill will replace the current UK Data Protection Act 1998 and will effectively...more

Cybersecurity – A Recent UK ICO Fine Provides 60,000 Reasons for Organisations to Review Data Security

by Ropes & Gray LLP on

On 27 June 2017, the Information Commissioner’s Office issued a £60,000 fine to a company hit by a cyberattack along with a warning to all SMEs to ensure that they are doing all they can to safeguard their customers’ personal...more

DeepMind Deal with NHS Trust Reveals Privacy Concerns

Back in 2015, DeepMind, a Google company, signed a deal with the Royal Free NHS Foundation Trust. The deal allowed DeepMind access to 1.6 million patients health information as well as the ability to develop an app called...more

New UK Subject Access Code of Practice

by McGuireWoods LLP on

This month the ICO updated its Subject Access Code of Practice, which gives guidance to data controllers on how to respond to subject access requests from data subjects. The Code itself is not legally binding, but provides...more

Subject Access Requests: ICO Publishes Updated Guidance

by Reed Smith on

The Information Commissioner’s Office (ICO) has published an updated data subject access code of practice (the Code) to reflect developments following two major Court of Appeal judgments published in early 2017: Dawson-Damer...more

How to Comply with the New General Data Protection Regulation: A Q&A with Partner Gail Crawford and Counsel Ulrich Wuermeling

by Latham & Watkins LLP on

In less than one year, from 25 May 2018, the General Data Protection Regulation (GDPR or Regulation) will become enforceable. The GDPR introduces a rigorous, far-reaching privacy framework for businesses that operate, target...more

Court Of Appeal Provides Further Guidance For Data Controllers On Handling Subject Access Requests

by Dentons on

In the first April edition of our employment law round-up we considered the Court of Appeal's decision in Dawson–Damer v. Taylor Wessing LLP [2017] EWCA Civ 74, which (amongst other things) concerned the relevance of an...more

The dangers of direct marketing: Seeking consent or asking for trouble?

by White & Case LLP on

The UK Information Commissioner's Office has issued fines to two businesses for unlawfully sending emails to individuals to ask about their marketing preferences. These cases emphasise the fact that "marketing" in this...more

Defamation and Data Protection: A Twin-Barrelled Approach to Claims Against Publishers

by Reed Smith on

In the recent case of Prince Moulay Hicham v Elaph Publishing Limited, the Court of Appeal held in a unanimous decision that a claimant could include an action under the UK Data Protection Act 1998 (‘DPA’) as an alternative...more

How the General Data Protection Regulation Will Apply to and Affect the UK

by Morgan Lewis on

The GDPR will apply to the UK when it is effective on May 25, 2018, but the government will need to adopt domestic data privacy legislation upon the UK’s pending exit from the EU....more

Subject Access Requests: "not an obligation to leave no stone unturned"

by White & Case LLP on

The English Court of Appeal has ruled in two recent cases that subject access requests are generally valid, and businesses must comply with such requests, even if they are made for collateral purposes, such as collecting...more

Defamation and data protection claims can be brought in parallel

by White & Case LLP on

The English Court of Appeal has confirmed in a recent case that data protection claims may be brought hand-in-hand with defamation claims. The case provides a reminder to businesses that the use of data protection as a weapon...more

Employment News - March 2017 #2

by Hogan Lovells on

Don't ask, don't get – data subject access requests and litigation - The Court of Appeal has provided further guidance on responding to data subject access requests made in the context of litigation – in this case...more

Health Company Fined by UK’s Information Commissioner Office

by Hogan Lovells on

Last week, the UK’s Information Commissioner’s Office (ICO) published a monetary penalty notice which fined a private healthcare company, HCA International, £200,000 for its failure to keep sensitive data secure....more

A Sea Change for Beneficiaries' Right to Information?

by McDermott Will & Emery on

The Court of Appeal’s ruling in Dawson-Damer v Taylor Wessing offers beneficiaries rights of access to personal data held by trustees and their legal advisers. This is a landmark case in which our clients, the claimants,...more

Subject Access Requests in the UK - An Update

by Dechert LLP on

This OnPoint reports on the Court of Appeal judgment in Dawson-Damer & Ors v Taylor Wessing LLP, handed down on 16 February 2017, which addresses two key aspects of the legislation enabling individuals to lodge subject access...more

Privileged information is generally safe from Subject Access Requests

by White & Case LLP on

Subject Access Requests ("SARs") are an increasingly popular weapon in litigation, because they can be used to provide a cheap and quick form of pre-action disclosure. However, courts have confirmed that information subject...more

The Top Ten Things You Should Know About UK Employment Law

What 2016 lacked in employment law changes, it made up with political surprises (Brexit) and sweeping data protection changes (the GDPR). Due to these dynamic changes and in anticipation of what lies ahead, our UK employment...more

Employees' personal information must not be used unlawfully by employers

by Dentons on

The case of Brown v. Commissioner of Police for the Metropolis is a reminder to employers that it is unlawful to use employees' personal information for anything other than its intended purpose....more

77 Results
|
View per page
Page: of 4
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.