A review of proposed data and technology legislation in Europe and the UK.
A landmark ruling about the privacy rights of criminal suspects in the UK.
A podcast summarising developments in data protection and privacy in 2021
A legal review of Lloyd v Google LLC  UKSC 50 in the Supreme Court, a case involving group litigation in data protection claims.
R (Bridges) v Chief Constable of South Wales Police and Others  EWHC 2341 (Admin) To read the judgment click here. The High Court turned down an application for judicial review of the decision by South Wales Police to use automated facial recognition technology in a pilot project. The project involved the capture of digital […]
Lloyd v Google LLC  EWCA Civ 1599 To read the judgment click here. The Court of Appeal has overturned the High Court’s decision, which had refused permission for Mr Richard Lloyd to serve proceedings on Google for the alleged secret collection of browser-generated information from Apple iPhone users. Mr Lloyd had brought the claim […]
ECJ case C-673/17 (Planet 49) To read the judgment click here. In this case the Court of Justice of the European Union (“CJEU”) was asked to consider a series of questions in relation to the use of pre-ticked checkboxes and cookies. It held the following: A pre-ticked checkbox, which a user must de-select to refuse […]
By Tom Orrell & Melissa Stock Privacy law has never been a straightforward affair in England. Its development has been piecemeal over the past two centuries. In fact the laws that govern information today are spread across multiple frameworks, including: libel (protecting reputation), data protection (rights over the processing of personal data), breach of confidence […]
This is an overview of the e-Privacy Regulation (‘ePR’), which will replace Directive 2002/58/EC (Regulation on Privacy and Electronic Communications), or ‘e-Privacy Directive’. The e-Privacy Directive protects the confidentiality of electronic communications and applies to publicly available electronic communications services. In the U.K., the Privacy and Electronic Communications Regulation (“PECR”) implements the e-Privacy Directive. In […]
The Facts On 12 January 2014, an employee of the Defendant “Morrisons” posted a file containing the personal details of almost 100,000 colleagues on the Internet. Mr Andrew Skelton, a senior IT Auditor at Morrisons, was later charged and convicted under the Computer Misuse Act 1990 and section 55 of the Data Protection Act 1998 […]