The Information Commissioner’s Office (ICO) published its 2018/2019 Annual Report on 8 July 2019. Here is a short summary: The number of enquiries the ICO received increased by 66% to just under half a million. The number of data protection complaints almost doubled compared with the previous year. Subject Access Requests made up the largest […]
By Tom Orrell & Melissa Stock Privacy law has never been a straightforward affair in England. Its development has been piecemeal over the past two centuries.[1] In fact the laws that govern information today are spread across multiple frameworks, including: libel (protecting reputation), data protection (rights over the processing of personal data), breach of confidence […]
British Airways was hit by a substantial data breach early this month, after apparently compromising over 380,000 customers account and card details. For BA’s statement following the breach, click here. The ICO has fined Equifax £500,000 for its data breach in 2017 that affected 15 million individuals in the U.K. For the ICO press release […]
This is an overview of DB v The General Medical Council (‘GMC’) [2018] EWCA Civ 1497 in the Court of Appeal. It is now the leading judgment in the approach to be taken on disclosure in so-called mixed personal data cases – that is subject access requests where the information requested by the data subject […]
The ICO intends to fine Facebook £500,000 (the maximum possible) for the Cambridge Analytica data breaches. About 87 million Facebook users are believed to have been affected by the breaches, including about 1 million U.K. users. For more click here. The advocacy group ‘Fair Vote’ is preparing a class action lawsuit for U.K. citizens against […]
This is an overview of the e-Privacy Regulation (‘ePR’), which will replace Directive 2002/58/EC (Regulation on Privacy and Electronic Communications), or ‘e-Privacy Directive’. The e-Privacy Directive protects the confidentiality of electronic communications and applies to publicly available electronic communications services. In the U.K., the Privacy and Electronic Communications Regulation (“PECR”) implements the e-Privacy Directive. In […]
Dixons Carphone revealed a data breach involving 5.9 million payment cards and 1.2 million personal data records. The company is not expected to pay GDPR-level fines, as the breach occurred before the GDPR came into force. For more, click here. The ICO has fined Yahoo! UK Services Ltd £250,000 for failings after a cyber […]
