The new Parliamentary session starts on 3rd September. Inevitably the session will be, once again, dominated by Brexit. With so little time between the start of the session and the Brexit deadline of Hallowe’en (31st October) there will be little Parliamentary time given over to any issues other than the terms of the UK’s exit…
Read more
For those unfamiliar with the Schrems saga, a brief catch-up may be required. The original case, now known as ‘Schrems I,’ involved an Austrian activist, Max Schrems, filing a complaint with the Irish Data Protection Agency against Facebook. The complaint was that Facebook had allowed US authorities to access his personal data on social media…
Read more
A report published by the Higher Education Policy Institute and conducted by Jisc, a digital infrastructure provider for HE, has emphasised the expanding risks of cyberattacks among UK universities and academic institutions in general. Last year saw an increase (17%) in attacks and breaches from the year before, and the trend is likely to continue.…
Read more
The Special Eurobarometer 487a report on GDPR conducted by survey and data insight consultancy Kantar at the request of the European Commission has been published this month. Where relevant, the report’s findings are compared to findings from the Special Eurobarometer 431 on Data Protection conducted in 2015. The salient finding is that two-thirds of Europeans…
Read more
The Belgian DPA delivered a strong message on 28th May 2019, that data protection is “everyone’s concern” and everyone’s responsibility, by premiering the GDPR’s sanctioning provision in Belgium with a fine of €2,000 imposed on a mayor (‘bourgmestre’) for the illegal utilisation of personal data. Purpose Limitation was Breached The mayor in question used personal data obtained for the purposes of…
Read more
General Data Protection Regulation reaches its first birthday This blogpost arrives as the General Data Protection Regulation (GDPR) reaches its first birthday, and a week after a report from the Washington-based Center for Data Innovation (CDI) suggested amendments to the GDPR. The report argues that regulatory relaxations would help foster Europe’s ‘Algorithmic Economy,’ purporting that GDPR’s restrictions of data…
Read more
A DPO (Data Protection Officer) is an individual responsible for ensuring that their organisation is processing the data of its staff, customers, providers and any other individuals, i.e. data subjects, in compliance with data protection regulations. As of the EU-wide General Data Protection Regulation (GDPR), a DPO is mandatory for: Public authorities; and Organisations that…
Read more
In a statement released on 3rd May, the Information Commissioner’s Office reiterated their decision to issue HMRC a preliminary enforcement notice in early April. This initial notice was based on an investigation conducted by the ICO after a complaint from Big Brother Watch concerning HMRC’s Voice ID service on a number of the department’s helplines since January 2017. HMRC did not…
Read more
Core US Privacy Principles On 18th November Democratic Senators issued a set of core principles that should underpin any proposed Federal Privacy legislation. The principles cover several issues across four categories to protect consumer privacy: (1) establish data safeguards, (2) invigorate competition, (3) strengthen consumer and civil rights, and (4) impose real accountability. New US…
Read more
