Previously on this blog, we discussed the UK Information Commissioner’s Office (ICO) investigation into the planned rollout of facial recognition software for a large site around King’s Cross in London. This investigation has renewed scrutiny of the technology among data protection observers, particularly in its relation to privacy rights. Facial recognition technology for use in…
Read more
The new Parliamentary session starts on 3rd September. Inevitably the session will be, once again, dominated by Brexit. With so little time between the start of the session and the Brexit deadline of Hallowe’en (31st October) there will be little Parliamentary time given over to any issues other than the terms of the UK’s exit…
Read more
It would be giving the burgeoning cryptocurrency Libra short shrift to call it ambitious. Its aims as stated in the Libra Association’s white paper are lofty even by the rhetorical standards of Silicon Valley. If defining Libra as ‘the internet of money’ isn’t enough to convince you of the level of its aspiration, the paper…
Read more
The Information Commissioner’s Office (ICO) has released two statements this week declaring intention to fine British Airways and Marriott International, Inc £183.39m and £99m respectively for breaches of the General Data Protection Regulation (GDPR). In both cases, which affect data subjects from countries across the world, the ICO was the lead supervisory authority acting on…
Read more
The Belgian DPA delivered a strong message on 28th May 2019, that data protection is “everyone’s concern” and everyone’s responsibility, by premiering the GDPR’s sanctioning provision in Belgium with a fine of €2,000 imposed on a mayor (‘bourgmestre’) for the illegal utilisation of personal data. Purpose Limitation was Breached The mayor in question used personal data obtained for the purposes of…
Read more
General Data Protection Regulation reaches its first birthday This blogpost arrives as the General Data Protection Regulation (GDPR) reaches its first birthday, and a week after a report from the Washington-based Center for Data Innovation (CDI) suggested amendments to the GDPR. The report argues that regulatory relaxations would help foster Europe’s ‘Algorithmic Economy,’ purporting that GDPR’s restrictions of data…
Read more
A DPO (Data Protection Officer) is an individual responsible for ensuring that their organisation is processing the data of its staff, customers, providers and any other individuals, i.e. data subjects, in compliance with data protection regulations. As of the EU-wide General Data Protection Regulation (GDPR), a DPO is mandatory for: Public authorities; and Organisations that…
Read more
Profiling is a very useful tool which marketers have been using for decades to understand their customers better and to target them appropriately. However, the GDPR does make some changes to how profiling is considered which should be considered carefully before profiling is undertaken. For the first time, profiling has been included with automated processing…
Read more
