An increasing number of malicious cyber actors are exploiting the current coronavirus disease 2019 (“COVID-19“) pandemic for their own purposes. In the UK, the National Cyber Security Centre (“NCSC“) has detected more UK government branded scams relating to COVID-19 than any other subject. Meanwhile, across the Atlantic, both the United States Department of Homeland Security … Read more
Today the Supreme Court handed down its decision in Wm Morrisons Supermarkets Plc v Various Claimants [2020] UKSC 12, bringing to its conclusion a case which had the potential to alter significantly the data protection and cyber security litigation and class action landscape. The headline news is that Morrisons has been found not to be vicariously liable for the … Read more
The Cyber Security Breaches Survey (“CSBS”) is an annual study of UK businesses and charities that began in 2015. The latest CSBS was conducted during the winter of 2019/2020 and the results published on 25 March 2020. The CSBS influences how the government shapes future policy, allows organisations to compare their cyber security with others … Read more
On 30 January 2020, the French construction company, Bouygues Construction, was hit by a ransomware-type attack on their computer network. In subsequent press-releases Bouygues reported that it had taken all of its information systems offline as a precautionary measure to prevent further propagation of the attack, and advised that operational activity on its construction sites … Read more
In this bulletin we summarise recent updates relating to cybersecurity and data protection in China to keep you updated on developments. We focus on four areas: regulatory developments, enforcement developments, industry developments and international developments. For further detail, please see our update here. Read more
Case ID: UKSC 2018/0213 Hearing Date 6 and 7 November 2019 Justices: Lady Hale, Lord Reed, Lord Kerr, Lord Hodge, Lord Lloyd-Jones Facts (taken from Supreme Court Case Summary) In November 2013, an employee of the appellant, Mr Skelton, downloaded payroll data he was entrusted with at work onto a personal USB stick and took … Read more
The Supreme Court in England has two issues to consider in the appeal which opens today. First, should the company be held to be vicariously liable for the acts of its employee in this case? It concerns, after all, a rogue employee, who took payroll data with which he was entrusted home on a … Read more
Just one day after its notice of its intent to fine British Airways £183.39 million, the ICO has issued a further notice of intent to fine Marriott International £99.2 million for its own data breach; The systems of the Starwood hotel group were originally compromised in 2014, prior to the acquisition of Starwood by Marriott … Read more
The ICO has published a notice of its intent to fine British Airways £183.39 million for its 2018 data breach where the personal data of 500,000 customers was stolen by hackers; This is the first ‘mega fine’ issued by a European data regulator since the implementation of the GDPR; The ICO acted as lead supervisory … Read more
