Another revised draft ePrivacy Regulation (“ePR”) was recently published which introduces the ability for organisations to rely on the “legitimate interests” legal basis to drop cookies on end users’ devices. This change has been criticised by some commentators for ambiguities and watering down data protection rights despite accompanying safeguards. It remains to be seen if … Read more
In these unprecedented times, COVID-19 has forced organisations to quickly put in to place measures with the aim of ensuring both business continuity and the protection of employees. In many instances, this has involved increased processing of health data, in ways that were not envisaged a short time ago. Organisations across the globe are also … Read more
What better day than today, International Data Privacy Day, to explore what 2020 is likely to have in store for data and privacy? Almost two years ago the EU General Data Protection Regulation (GDPR) thrust data and privacy issues firmly in the spotlight, where they remain. With attention having shifted from guidance to enforcement, this article … Read more
The Court of Justice of the European Union has confirmed in the Planet49 case that a pre-ticked checkbox does not constitute valid consent for ePrivacy purposes. Read more
Following its recent admission that its own cookie consent mechanism was non-compliant (see previous blog post here), the UK privacy regulator (the ICO) updated its cookie notice last week (see our previous blog post here) and has now published guidance on cookies and similar technologies. Key messages are: No implied consent for non-essential cookies allowed, … Read more
The GDPR came into effect almost a year ago on the 25 May 2018. As the most significant reform of data protection law in Europe for over 20 years, the legislation raised expectations of a cultural shift in attitude to data privacy. A year on from the fanfare of implementation, this bulletin looks at key … Read more
The European Data Protection Board (the “EDPB“) has published its opinion on the interplay between the GDPR and Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (the “ePrivacy Directive“). The opinion confirms that … Read more
2018 was a landmark year for data protection and privacy; the EU General Data Protection Regulation (“GDPR“) came into effect on 25 May 2018 and implemented a comprehensive reform of the EU data protection regime. So what could 2019 possibly have in store for data protection and privacy? This article sets out some predictions for further data protection developments in … Read more
Last month the Council of the European Union published its progress report on the first draft of the ePrivacy Regulation (the “Draft Regulation”). The Draft Regulation was issued by the EC in January of this year and focuses on the processing of personal data and protection of privacy in electronic communications. Read more
