Happy International Data Privacy Day: Our predictions for 2021

Happy International Data Privacy Day! And what better day than today, to explore what 2021 is likely to have in store for data and privacy? Almost three years after the EU General Data Protection Regulation (GDPR) came into force, and now 28 days since the UK GDPR replaced it in the UK following Brexit, data … Read more

EDPB and ICO respond to the Brexit data transfer window

As most in the data community are aware, the EU-UK Trade and Cooperation Agreement (the “Brexit Deal”) was agreed on Christmas Eve and provides for an interim period (up to a maximum of six months ending on 30 June 2021) whereby data transfers from Europe to the UK will not be treated as transfers to … Read more

ENSURING COMPLIANCE WITH ELECTRONIC MARKETING RULES: A CLOSER LOOK AT SOFT OPT-IN CONSENT

The ICO’s recent decision to take enforcement action against a number of organisations (both in the form of investigations and regulatory fines) for sending unsolicited email and text based electronic marketing communications to individuals should serve to prompt organisations to take stock of the ways in which they promote their products and services using electronic … Read more

European Commission publishes new draft Article 28 clauses for consultation

Alongside, and perhaps in the shadow of, the European Commission publishing its long-awaited draft new Standard Contractual Clauses (the “New SCCs”) to address the restrictions imposed by the GDPR in relation to making international transfers of personal data  (for further details see our blog post here), the European Commission has also published a set of … Read more

A change in approach to subject access? ICO Publishes Updated DSAR Guidance

Summary The ICO (the UK privacy regulator) has updated its guidance on data subject access rights, and the revised guidance appears to be aimed at giving organisations practical advice on managing and responding to subject access requests by including further detail and examples. Although the revised guidance has not changed dramatically, it is fair to … Read more

HOW TO CALCULATE A GDPR FINE – THE PROPOSED ICO WAY

The Information Commissioner’s Office in the UK (the “ICO”) has published for consultation its draft statutory guidance setting out how it will regulate and enforce data protection legislation in the UK. The document explains all of the ICO’s key powers (including information notices, assessment notices, enforcement notices and penalty notices). Perhaps most interestingly for organisations, … Read more