Revised ePrivacy Regulation Draft introduces ability for organisations to rely on “Legitimate Interests” legal basis in relation to cookies

Another revised draft ePrivacy Regulation (“ePR”) was recently published which introduces the ability for organisations to rely on the “legitimate interests” legal basis to drop cookies on end users’ devices. This change has been criticised by some commentators for ambiguities and watering down data protection rights despite accompanying safeguards. It remains to be seen if … Read more

COVID-19 PEOPLE: DATA PRIVACY ISSUES

In these unprecedented times, COVID-19 has forced organisations to quickly put in to place measures with the aim of ensuring both business continuity and the protection of employees. In many instances, this has involved increased processing of health data, in ways that were not envisaged a short time ago. Organisations across the globe are also … Read more

International Data Privacy Day: Our predictions for 2020

What better day than today, International Data Privacy Day, to explore what 2020 is likely to have in store for data and privacy? Almost two years ago the EU General Data Protection Regulation (GDPR) thrust data and privacy issues firmly in the spotlight, where they remain. With attention having shifted from guidance to enforcement, this article … Read more

Cookie consent walls crumble: ICO publishes guidance on cookie consent

Following its recent admission that its own cookie consent mechanism was non-compliant (see previous blog post here), the UK privacy regulator (the ICO) updated its cookie notice last week (see our previous blog post here) and has now published guidance on cookies and similar technologies. Key messages are: No implied consent for non-essential cookies allowed, … Read more

EDPB publishes opinion on the interplay between GDPR and ePrivacy

The European Data Protection Board (the “EDPB“) has published its opinion on the interplay between the GDPR and Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (the “ePrivacy Directive“). The opinion confirms that … Read more

Data Protection Predictions 2019

2018 was a landmark year for data protection and privacy; the EU General Data Protection Regulation (“GDPR“) came into effect on 25 May 2018 and implemented a comprehensive reform of the EU data protection regime. So what could 2019 possibly have in store for data protection and privacy? This article sets out some predictions for further data protection developments in … Read more

Council of the EU publishes Progress Report on draft EU ePrivacy Regulation

Last month the Council of the European Union published its progress report on the first draft of the ePrivacy Regulation (the “Draft Regulation”). The Draft Regulation was issued by the EC in January of this year and focuses on the processing of personal data and protection of privacy in electronic communications.  Read more