Search
Showing 88 results for Data protection
Failure to appoint an EU representative results in €525,000 fine
...data subject rights, including getting their personal data deleted. Following complaints by Dutch citizens to the Dutch Data Protection Authority, the company was fined €525,000 and ordered to d...
Gender Critical Beliefs recognised as a Protected Characteristic in Discrimination Law - Forstater v CGD Europe
...protections for those who hold gender critical beliefs. Maya Forstater was represented by Peter Daly, a partner at Doyle Clayton, who instructed barristers Ben Cooper QC and Anya Palmer of Old Square...
Immigration system to be modernised with sweeping new changes
...data if they already hold a valid Biometric Residence Permit (BRP). Instead, they will be able to provide their identity using a ‘ChipChecker’ process with their BRP and by uploading a photo. Fingerpr...
Free flow of data from the EEA to the UK: latest position
...data protection framework is largely based on the EU data protection framework” and, therefore, key areas of alignment exist in the EU and UK’s data protection measures. These included in areas such a...
ICO publishes data sharing code of practice
...data and demonstrate accountability. The ICO recommends organisations first conduct a data protection impact assessment when considering sharing personal data. In addition, it recommends a data shari...
ICO fines Ticketmaster UK £1.25million for data breach
...data breach The ICO has fined Ticketmaster UK £1.25million for failing to keep its customers’ personal data secure. What was the data breach? Ticketmaster sell event tickets on behalf of clients. Th...
ICO updates data subject access request guidance
...data subject access request guidance The ICO has published updated guidance on data subject access requests (“DSARs”), following a consultation on draft guidance last year. The final versi...
ICO fines Marriott £18.4million for a data breach
...data breach The ICO has fined Marriott International Inc £18.4million for failing to keep its customers’ personal data secure. £99.2million proposed fine In July 2019, the ICO issued a notice ...
Court of Appeal: Police Force’s use of automated facial-recognition technology unlawful
...data. Controllers should note the Court’s criticism of the Force’s Data Protection Impact Assessment. A Data Protection Impact Assessment must carefully assess the potential impact of the new p...
GDPR: fines issued across Europe for failing to appoint an independent Data Protection Officer
...Data Protection Officer Data supervision authorities in Spain and Belgium have recently issued substantial fines to companies for failing to appoint an independent Data Protection Officer (DPO). ...
Two recent GDPR fines emphasise the need to get the basics right
...data that is no longer required? Personal data must be adequate, relevant and limited to what is necessary for the purposes it was processed (“data minimisation principle”). Data must also not be sto...
Courts can award damages for loss of control over data even if no financial loss or distress caused
...data to subscribing advertisers to tailor who their adverts were sent to. He claimed under the Data Protection Act 1998 (“DPA 1998”), but the ruling is relevant for the GDPR and the new Data Pr...
Dutch employer fined €725,000 for processing biometric data unlawfully
...data. While Dutch law allows processing of biometric data when necessary for “authentication or security purposes” (there is no similar provision under the UK’s Data Protection Act 2018), this conditi...
Supreme Court: Morrisons not liable for data breach of rogue employee
...data they hold. A mass data breach can cause financial and reputational harm. Data protection training for staff is therefore vital as is the need for constant vigilance and regular review of internal...
ICO flexes its muscles and issues two maximum fines
...data. Both penalties (of £500,000) were issued under the Data Protection Act 1998 (due to the dates of the breaches), so avoided the higher penalties available under the GDPR. CRDNN Limited ...
Queen’s Speech 2017: What Employers Need to Know
...data protection framework suitable for the new digital age, allowing citizens to better control their data. It will establish a new data protection regime, replacing the Data Protection Act 1998 and ...
“Change Britain’s Future”: the Liberal Democrats' 2017 Manifesto
...data on BAME, LGBT+ employment levels and pay gaps; push for 40% female boards in FTSE 350 companies and implement the Parker review recommendations to increase ethnic minority representation in the b...
Conservatives Publish their General Election Manifesto
...data on their gender pay gap (no detail is given) and larger employers will also have to report on their ethnic pay gap. The Conservatives will take steps to improve the take up of shared parental le...
Information Commissioner Issues Guidance to Help Employers Prepare for New Data Protection Laws
...Data Protection Laws The Information Commissioner has called on employers to start preparing for EU General Data Protection Regulation and has a provided a 12 step guide. The guide suggests that emplo...
EU and US reach political agreement on transferring data to US
...data to be transferred to the US. This follows on from the ECJ’s ruling in Schrems v Data Protection Officer that the “safe harbour” framework did not provide adequate protection and could not be rel...