ICO Annual Report 2018/2019: A summary

The Information Commissioner’s Office (ICO) published its 2018/2019 Annual Report on 8 July 2019. Here is a short summary: The number of enquiries the ICO received increased by 66% to just under half a million. The number of data protection complaints almost doubled compared with the previous year. Subject Access Requests made up the largest […]

Balancing human and machine perspectives: what is the ‘public interest’ in the AI era?

By Tom Orrell & Melissa Stock Privacy law has never been a straightforward affair in England. Its development has been piecemeal over the past two centuries.[1] In fact the laws that govern information today are spread across multiple frameworks, including: libel (protecting reputation), data protection (rights over the processing of personal data), breach of confidence […]

The GDPR and Fines

The Article 29 Data Protection Working Party recently issued guidelines on fines for the purposes of the General Data Protection Regulation (‘GDPR’). Article 83(1) of the GDPR states that supervisory authorities should identify corrective measures that are “effective, proportionate and dissuasive”. Article 83(2) is the starting point for assessing a case for the purpose of […]

The GDPR and Personal Data Breach Reporting

The Article 29 Data Protection Working Party (‘A29WP’) recently issued guidelines on personal data breach reporting under the General Data Protection Regulation (‘GDPR’). The GDPR obliges data controllers to report personal data breaches to data protection authorities within 72 hours unless the breach is ‘unlikely to result in a risk to the rights and freedoms’ […]