British Airways was hit by a substantial data breach early this month, after apparently compromising over 380,000 customers account and card details. For BA’s statement following the breach, click here. The ICO has fined Equifax £500,000 for its data breach in 2017 that affected 15 million individuals in the U.K. For the ICO press release […]
This is an overview of DB v The General Medical Council (‘GMC’) [2018] EWCA Civ 1497 in the Court of Appeal. It is now the leading judgment in the approach to be taken on disclosure in so-called mixed personal data cases – that is subject access requests where the information requested by the data subject […]
The ICO intends to fine Facebook £500,000 (the maximum possible) for the Cambridge Analytica data breaches. About 87 million Facebook users are believed to have been affected by the breaches, including about 1 million U.K. users. For more click here. The advocacy group ‘Fair Vote’ is preparing a class action lawsuit for U.K. citizens against […]
This is an overview of the e-Privacy Regulation (‘ePR’), which will replace Directive 2002/58/EC (Regulation on Privacy and Electronic Communications), or ‘e-Privacy Directive’. The e-Privacy Directive protects the confidentiality of electronic communications and applies to publicly available electronic communications services. In the U.K., the Privacy and Electronic Communications Regulation (“PECR”) implements the e-Privacy Directive. In […]
Dixons Carphone revealed a data breach involving 5.9 million payment cards and 1.2 million personal data records. The company is not expected to pay GDPR-level fines, as the breach occurred before the GDPR came into force. For more, click here. The ICO has fined Yahoo! UK Services Ltd £250,000 for failings after a cyber […]
Employee Computer Files The European Court of Human Rights (ECtHR) has ruled that an employer may ‘freely consult’ an employee’s computer file that is not private, so long as the company’s IT charter makes a provision to do so. In Libert v France (Application No 588/13), an employee of SNCF (France’s national railway company) was […]
The GDPR came into effect on 25 May 2018. In the UK, the Data Protection Act 2018 was given Royal Assent and now implements the Regulation. For the statute, click here. Max Schrems, the privacy activist and lawyer, has started a €7.6 billion GDPR lawsuit against Facebook, WhatsApp, Instagram and Google Android. For his press release […]
