This is an overview of the e-Privacy Regulation (‘ePR’), which will replace Directive 2002/58/EC (Regulation on Privacy and Electronic Communications), or ‘e-Privacy Directive’. The e-Privacy Directive protects the confidentiality of electronic communications and applies to publicly available electronic communications services. In the U.K., the Privacy and Electronic Communications Regulation (“PECR”) implements the e-Privacy Directive. In […]
Dixons Carphone revealed a data breach involving 5.9 million payment cards and 1.2 million personal data records. The company is not expected to pay GDPR-level fines, as the breach occurred before the GDPR came into force. For more, click here. The ICO has fined Yahoo! UK Services Ltd £250,000 for failings after a cyber […]
Employee Computer Files The European Court of Human Rights (ECtHR) has ruled that an employer may ‘freely consult’ an employee’s computer file that is not private, so long as the company’s IT charter makes a provision to do so. In Libert v France (Application No 588/13), an employee of SNCF (France’s national railway company) was […]
The GDPR came into effect on 25 May 2018. In the UK, the Data Protection Act 2018 was given Royal Assent and now implements the Regulation. For the statute, click here. Max Schrems, the privacy activist and lawyer, has started a €7.6 billion GDPR lawsuit against Facebook, WhatsApp, Instagram and Google Android. For his press release […]
Last week an important case was decided in the High Court on the so-called ‘Right to be Forgotten’. The Claimants, NT1 and NT2, are businessmen who asked Google to remove links to search results that revealed their past convictions. The High Court judgment is lengthy and comprehensive. For those who wish to analyse the case […]
The U.K. government has begun an inquiry into so-called ‘cryptocurrencies’, that is, digital currencies and their associated distributed ledger technology. The Treasure Committee will investigate both the risks and opportunities. For more details click here. Two ‘Right to be Forgotten’ trials have been brought before the High Court this month. NT1 v Google […]
The Article 29 Working Party has released guidelines on a number of GDPR issues: automated individual decision-making and profiling, transparency, and revised guidelines on personal data breach notification. To access the guidelines, click here. The U.K. says it will require social media firms to provide annual transparency reports in order to combat extremist and abusive […]
