The Facts On 12 January 2014, an employee of the Defendant “Morrisons” posted a file containing the personal details of almost 100,000 colleagues on the Internet. Mr Andrew Skelton, a senior IT Auditor at Morrisons, was later charged and convicted under the Computer Misuse Act 1990 and section 55 of the Data Protection Act 1998 […]
The Article 29 Data Protection Working Party recently issued guidelines on fines for the purposes of the General Data Protection Regulation (‘GDPR’). Article 83(1) of the GDPR states that supervisory authorities should identify corrective measures that are “effective, proportionate and dissuasive”. Article 83(2) is the starting point for assessing a case for the purpose of […]
The Article 29 Data Protection Working Party (‘A29WP’) recently issued guidelines on personal data breach reporting under the General Data Protection Regulation (‘GDPR’). The GDPR obliges data controllers to report personal data breaches to data protection authorities within 72 hours unless the breach is ‘unlikely to result in a risk to the rights and freedoms’ […]
There has been an important judgment in the area of employee privacy and monitoring at work. At the end of the summer, the Grand Chamber of the European Court of Human Rights (ECtHR) considered the judgment of the Fourth Section in Barbulescu v Romania (application 61496/08). Mr Bogdan Mihai Barbulescu had been asked by his […]
On 13 May 2014, the Court of Justice of the European Union (CJEU) made a ruling in the case Google Spain SL, Google Inc. v Agencia Espanola de Proteccion de Datos (AEPD) and Mario Costeja Gonzalez (Case C-131/12) that drastically changed the privacy landscape for European citizens. The outcome of the ruling has come to […]
On 13 May 2014, the Court of Justice of the European Union (CJEU) made a ruling in the case Google Spain SL, Google Inc. v Agencia Espanola de Proteccion de Datos (AEPD) and Mario Costeja Gonzalez (Case C-131/12) that drastically changed the privacy landscape for European citizens. The outcome of the ruling has come to […]
On 13 May 2014, the Court of Justice of the European Union (CJEU) made a ruling in the case Google Spain SL, Google Inc. v Agencia Espanola de Proteccion de Datos (AEPD) and Mario Costeja Gonzalez (Case C-131/12) that drastically changed the privacy landscape for European citizens. The outcome of the ruling has come to […]
The General Data Protection Regulation, or ‘GDPR’, has been created to provide stronger protection of personal data than that contained in the EU Directive 95/46/EC. The Directive, dating from 1995, introduced a framework that is now inadequate given the enormous changes in digital information and the way in which we use technology. The GDPR will […]
In the English common law there is no freestanding right to privacy. Privacy claims come within a number of different causes of action: misuse of private information, breach of confidence, breach of the Data Protection Act 1998 (‘DPA’), breach of the Human Rights Act 1998 (‘HRA’), and breach of the Protection from Harassment Act 1997. […]
privacy law barrister 