Data Privacy & Cybersecurity

 

Data Privacy & Cybersecurity

EU gives draft approval to UK's data protection regime

In the wake of Brexit the UK has needed to establish a new arrangement with the European Union on the security and handling of personal data transferred from within the European Economic Area (EEA) to the UK. The European Union’s data protection...

Understanding the role of a representative under EU and UK GDPR after Brexit

Organisations in the UK and EU have been weathering a sea of changing legislation and uncertainty since the decision to leave the EU. In the case of data protection matters much remains undecided.   As things stand the EU GDPR has been incorporated...

2.7 million spam text messages sent during the pandemic - latest major ICO fines

Two companies have been fined £330,000 by the Information Commissioner’s Office for sending nuisance text messages during the COVID-19 pandemic.    West Sussex-based Leads Works Limited was fined £250,000 for sending over...

European Commission publishes draft adequacy decision for UK

Plenty of businesses have been worrying about what will happen with regards to data flows, now we’ve left the EU. Under the EU’s GDPR certain circumstances need to be in place if personal data is to be transferred outside of the EEA. This is...

Recommendations for transfer of personal data outside of EEA, following Schrems II decision, adopted

The European Data Protection Board has published its recommendations for supplementary measures required for international transfers of personal data. These include standard contractual clauses and recommendations on surveillance measures.   As a...

Ticketmaster fined £1.25 million by ICO for security fails

On 13th November 2020 Ticketmaster was fined £1.25 million by the UK Information Commissioner’s Office for failing to keep its customers’ personal data secure. The ICO found that Ticketmaster had breached the requirements of  Articles...

Standard contractual clauses for Article 28 Data Processing Agreements set out by the European Commission

The European Commission has adopted draft standard contractual clauses to be used between controllers and processors in the EEA .  These standard contractual clauses are designed to help organisations that rely on third-parties in the EEA to...

French Data Protection Authority (CNIL) fines Google and Amazon 135 million euros for alleged cookie violations

On 10th December 2020 the French Data Protection Authority (CNIL) announced that it was fining Google LLC €60 million, Google Ireland Limited €40 million and Amazon Europe Core €35 million. They found that, under the French cookie rules...

CIPL Recommendations for International Transfers Post-Schrems II

Back in July we wrote about the EU Court of Justice’s decision that one of the main methods for compliantly transferring personal data outside of the EEA to the US, commonly known as the “Privacy Shield” was no longer valid (due to the...

British Airways receives £20million fine from ICO for security breach

On 16th October 2020 the UK Information Commissioner’s Office announced that British Airways was to pay £20,000,000 for GDPR violations. This was a significant decrease (90%) of the originally proposed fine of £183,390,000 announced in...
  • Page 1 of 3