Life with GDPR - ICO Gets Serious About Subject Access Requests
Life with GDPR - Clearview AI Fine by the ICO
Life With GDPR: Episode 50-The Experian Enforcement Notice Case
SARS and Liability Issues under GDPR
Jonathan Armstrong and I return for another episode of Life with GDPR. In this episode, we took up a fine in the UK by the ICO against Clearview AI and previously discussed other EU countries’ fines against Clearview. Some of...more
Since 2018, the decision-making arsenal of the UK Information Commissioner’s Office (“ICO”) has included the Regulatory Panel, a body tasked with making independent recommendations to the Commissioner regarding proposed...more
As the September 27th deadline to implement the new Standard Contractual Clauses (“SCCs”) approaches, many privacy practitioners are working overtime to help their clients update their standard data processing addenda to...more
Orrick's Cyber, Privacy & Data Innovation and IP Licensing & Technology Transactions groups cover the top 10 things you need to know about the new Standard Contractual Clauses ("SCCs") published today by the European...more
The Information Commissioner’s Office (ICO), the UK’s data protection authority, has recently published updated guidance on an individual’s right to access their personal data. This OnPoint considers the key issues arising...more
On 16 October the UK Information Commissioner (ICO) confirmed that it had imposed a fine of £20m on British Airways (BA) for infringing the GDPR by failing to protect the personal data of approximately 400,000 of its...more
On 21 October 2020 the UK data protection authority (ICO) published a new Right of Access Detailed Guidance (SAR Guidance), following the public consultation on the SAR Draft Guidance (Draft Guidance) which ran from December...more
The Information Commissioner’s Office (ICO) recently issued guidance for employers on the issues they need to bear in mind when considering the introduction of testing as part of their arrangements for returning staff to the...more
The United Kingdom’s Information Commissioner’s Office has provided it’s guidance on COVID-19 and data privacy. •Public health messages are not direct marketing. •It’s about being proportionate – if some data processing...more
Employers’ primary concern at this time will be the health and safety of their employees in the wake of what has been declared a global pandemic by the World Health Organization. However, employers should still have regard to...more
In a recently published blog, the Information Commissioner’s Office (“ICO”) provided an update on its review of the adtech sector and noted that, whilst two key organisations are starting to make changes and many have engaged...more
Report on Supply Chain Compliance 3, no. 2 (January 23, 2020) - Two recent enforcement actions shed light on how regulators will enforce GDPR provisions going forward. In one case, the United Kingdom’s Information...more
Report on Supply Chain Compliance, Volume 2, no. 19 (October 10, 2019) - As the possibility of a ‘no-deal’ Brexit becomes more likely, U.K. organizations are preparing for the worst: a clean and final break from the...more
In this issue of UK Employment Flash, we examine the latest employment law developments, news and insights from the UK, including the Court of Appeal's ruling regarding pay for fathers or other caregivers taking shared...more
Want a certificate for all your hard work on GDPR? Later this year, “certification” will come into effect as a way for both data controllers and processors subject to UK data protection laws to demonstrate compliance with...more
On 9 July 2019 the UK data protection authority (ICO) updated its Data Sharing Code of Practice (first published in 2011) (Code). On the same day, the ICO also announced its intention to fine Marriott International just over...more
On July 18, 2019, the French Data Protection Authority (CNIL) issued new guidance on the use of cookies and similar tracking technologies (collectively referred to as “cookies” below). The guidance clarifies the instances in...more
Data protection authorities in the UK and France have released updated guidance for website operators that use cookies on their websites. This new guidance may mandate changes to existing cookie banners and provides further...more
The UK Information Commissioner's Office announced more than £280 million of fines last week, in connection with data protection breaches. It singled out the perceived failure of buyers to conduct proper data protection due...more
Federal US News - FTC Takes Action Against Companies Falsely Claiming Compliance With International Privacy Agreements - The FTC reached a settlement with a background screening company over allegations it falsely claimed...more
EU data protection law contains a powerful tool called a Subject Access Request ("SAR") which allows an individual to obtain copies of data about themselves, on demand, within a tight timeframe, and at low cost. Satisfying...more
As businesses continue to digitise their assets and operations, the need to continually assess IT infrastructure and the technical measures in place to safeguard key information assets and data becomes ever more important....more
In this month's Privacy & Cybersecurity Update, we examine several recent U.K.-related cybersecurity developments and the SEC's risk alert reminding investment advisers and broker-dealers to follow through on implementing...more
“The crucial, crucial change [GDPR] brought was around accountability. Accountability encapsulates everything the GDPR is about,” says UK Information Commissioner Elizabeth Denham. Denham said companies must understand the...more
We are pleased to announce the launch of our UK Employment Flash, covering the latest employment law developments, news and insights from the U.K. Our inaugural issue includes commentary on the U.K. government's proposed...more