Tag: data protection

Framework for EU-US data flows under scrutiny as ‘Schrems II’ case takes place at the CJEU

For those unfamiliar with the Schrems saga, a brief catch-up may be required. The original case, now known as ‘Schrems I,’ involved an Austrian activist, Max Schrems, filing a complaint with the Irish Data Protection Agency against Facebook. The complaint was that Facebook had allowed US authorities to access his personal data on social media…
Read more

University data protection policies under scrutiny as report finds threats of cyber attacks

A report published by the Higher Education Policy Institute and conducted by Jisc, a digital infrastructure provider for HE, has emphasised the expanding risks of cyberattacks among UK universities and academic institutions in general. Last year saw an increase (17%) in attacks and breaches from the year before, and the trend is likely to continue.…
Read more

European Commission reports awareness throughout Europe of data rights and data protection

The Special Eurobarometer 487a report on GDPR conducted by survey and data insight consultancy Kantar at the request of the European Commission has been published this month. Where relevant, the report’s findings are compared to findings from the Special Eurobarometer 431 on Data Protection conducted in 2015. The salient finding is that two-thirds of Europeans…
Read more

Belgian Data Protection Authority’s first GDPR fine imposed on public official 

The Belgian DPA delivered a strong message on 28th May 2019, that data protection is “everyone’s concern” and everyone’s responsibility, by premiering the GDPR’s sanctioning provision in Belgium with a fine of €2,000 imposed on a mayor (‘bourgmestre’) for the illegal utilisation of personal data.  Purpose Limitation was Breached  The mayor in question used personal data obtained for the purposes of…
Read more

GDPR’s 1st Birthday

General Data Protection Regulation reaches its first birthday This blogpost arrives as the General Data Protection Regulation (GDPR) reaches its first birthday, and a week after a report from the Washington-based Center for Data Innovation (CDI) suggested amendments to the GDPR. The report argues that regulatory relaxations would help foster Europe’s ‘Algorithmic Economy,’ purporting that GDPR’s restrictions of data…
Read more

What is a Data Protection Officer (DPO), and do you need one?

A DPO (Data Protection Officer) is an individual responsible for ensuring that their organisation is processing the data of its staff, customers, providers and any other individuals, i.e. data subjects, in compliance with data protection regulations. As of the EU-wide General Data Protection Regulation (GDPR), a DPO is mandatory for: Public authorities; and Organisations that…
Read more

HMRC’s 28 days to delete unlawfully obtained biometric data

In a statement released on 3rd May, the Information Commissioner’s Office reiterated their decision to issue HMRC a preliminary enforcement notice in early April. This initial notice was based on an investigation conducted by the ICO after a complaint from Big Brother Watch concerning HMRC’s Voice ID service on a number of the department’s helplines since January 2017. HMRC did not…
Read more

New US Privacy Bill on the Way

Core US Privacy Principles  On 18th November Democratic Senators issued a set of core principles that should underpin any proposed Federal Privacy legislation. The principles cover several issues across four categories to protect consumer privacy: (1) establish data safeguards, (2) invigorate competition, (3) strengthen consumer and civil rights, and (4) impose real accountability. New US…
Read more