Prospective Class Action Against Google is Stopped - Summary - The UK Supreme Court has handed down its much anticipated judgment in Lloyd v Google LLC. Google has successfully appealed against the Court of Appeal’s...more
Since the General Data Protection Regulations ("GDPR") came into force in 2018, companies in the United Kingdom (UK) that have suffered cybersecurity attacks often face civil claims from individuals whose data has been...more
In this month's edition, we examine the Court of Justice of the European Union's decision invalidating the EU-U.S. Privacy Shield framework, as well as the U.S. government's response to the decision. We also examine two...more
On April 1, 2020, the U.K. Supreme Court handed down its judgment in the case of WM Morrison Supermarkets plc v Various Claimants [2020] UKSC 12, the first class action-type claim concerning a data breach in the U.K.. In this...more
Report on Supply Chain Compliance 3, no. 4 (February 20, 2020) - The Information Commissioner’s Office fined DSG Retail Limited (DSG) 500,00 British pounds after an investigation discovered a data breach involving the...more
In this month's Privacy & Cybersecurity Update, we examine several recent U.K.-related cybersecurity developments and the SEC's risk alert reminding investment advisers and broker-dealers to follow through on implementing...more
An employer was held by the Court of Appeal to be vicariously liable for a rogue employee’s deliberate and criminal disclosure of the personal data of other employees. This was despite the employee’s aim being to harm the...more
In this month's edition of our Privacy & Cybersecurity Update, we examine the European Data Protection Board's published opinions on data protection impact assessments, an Ohio court's ruling that bitcoin is covered insured...more
The received wisdom was always that the greatest exposures created by a cyber security incident or data breach were the costs of remediation, business disruption and any regulatory fine. Whilst litigation risk existed, it...more
In Various Claimants v WM Morrisons Supermarket PLC [2017] EWHC3 113 (QB), the High Court considered whether an employer was liable for an employee’s malicious disclosure of personal data belonging to other employees. This...more
A landmark ruling in a group action by employees has found Morrisons Supermarket vicariously liable for a deliberate data breach carried out by a rogue employee, out of working hours and at home on a personal computer. The...more
The United Kingdom High Court recently issued a landmark liability judgment against the supermarket, Morrisons, following a data breach caused by a rogue employee (Various Claimants v. WM Morrisons Supermarket [2017] EWHC3113...more
The GDPR will apply to the UK when it is effective on May 25, 2018, but the government will need to adopt domestic data privacy legislation upon the UK’s pending exit from the EU....more