Data protection

What’s New? December 2024

Autumn Budget infotech initiatives As part of its first Budget, the government announced £20.4 billion of investment for research and development projects in the UK, in an effort to drive economic growth. A portion of this will undoubtedly fund artificial intelligence (AI) projects, and to help lay the framework for AI development the government: “will […]

Read More

What’s New? June 2024

First international treaty on AI The Council of Europe recently adopted a framework convention which aims to ensure the respect of human rights, the rule of law, and democratic legal standards, in the use of Artificial Intelligence (AI) systems. The treaty is the outcome of two years’ work by an intergovernmental body, the Committee on […]

Read More

What’s New? April 2024

EU AI Act passed The European Parliament approved the Artificial Intelligence Act (EU AI Act) on 13 March 2024. It has been hailed as the world’s first comprehensive and binding piece of legislation on AI, although many of its provisions won’t be enforced for at least a year or two. Rather than attempting to regulate specific technologies, […]

Read More

Reforming data protection

Following a consultation on reforming the UK’s data protection laws – partly designed to “provide an opportunity for the UK to reshape its approach to regulation” post-Brexit – the government has published the Data Protection and Digital Information Bill (previously dubbed the “Data Reform Bill”). The forthcoming legislation follows several years of upheaval to the […]

Read More

Smart doorbells: data protection concerns

As more and more everyday products are produced with internet connectivity – whether it actually improves functionality or is more of a gimmick – there are increased concerns regarding cybersecurity and data protection. The Internet of Things (IoT) refers to both these WiFi-enabled goods and the wider concept of having everything connected to the internet […]

Read More

GDPR fines: implications of the WhatsApp decision

The Irish Data Protection Commission (DPC) recently issued its largest ever fine in respect of a breach of the General Data Protection Regulation (GDPR) by WhatsApp. Following an extensive investigation, it concluded that the messaging service, owned by Facebook, had failed to meet the transparency requirements under articles 12–14 of the GDPR. The DPC had […]

Read More

Key data protection challenges for 2021

Data globalisation after Schrems II Browsing the web. Using apps. Communicating electronically. Shopping online. Working from home. Life as we know it relies on data flowing across geographical borders throughout the world. However, international data transfers have never been more scrutinised. Following the ruling by the Court of Justice of the European Union (CJEU) in […]

Read More

Information Rights: A Practitioner’s Guide to Data Protection, Freedom of Information and other Information Rights

Retaining the position it has held since first publication, the fifth edition of this leading practitioner text on information law has been thoroughly re-worked to provide comprehensive coverage of the Data Protection Act 2018 and the GDPR. Information Rights has been cited by the Supreme Court, Court of Appeal and others, and is used by […]

Read More

Max Schrems: the return

In the wake of growing data protection concerns around the turn of the century, a framework dubbed “Safe Harbor” was agreed between the EU and the US in 2000, which essentially permitted transatlantic free-flow of personal data. Towards the end of 2015, as a result of one of several legal challenges brought by prolific Austrian […]

Read More

First GDPR level fines in the UK

One of the key changes brought about by the General Data Protection Regulation (GDPR), which came into force on 25 May 2018, was a substantial increase in the maximum fines available for data protection breaches, to the higher of €20 million or 4% of global annual turnover. Any breaches which occurred prior to this date […]

Read More

GDPR – the dust is settling

The panic has receded. The frantic drafting has slowed down. The GDPR – widely regarded as the most ambitious data protection legal framework ever created – is in place and life goes on. As the dust left by the dramatic coming into effect of the GDPR settles, we are beginning to see what the GDPR […]

Read More

Re-consenting to marketing under GDPR?

One of the questions we’ve most commonly been asked in recent months is “does the GDPR mean we have to get fresh consents from our entire marketing database?” In many (indeed, perhaps most) cases, the answer is “no” – though the explanation for this is not all that straightforward, and so the confusion here is […]

Read More