Brexit, Data, Brexit
As we all continue to try to grapple with the implications of a no-deal Brexit, the last week or two has seen the publication of a few things of interest from a data protection perspective: The EDPB's view of data…
Read more
Data Protection Predictions 2019
2018 was a landmark year for data protection and privacy; the EU General Data Protection Regulation ("GDPR") came into effect on 25 May 2018 and implemented a comprehensive reform of the EU data protection regime. So what could 2019 possibly have in store for…
Read more
UK Government note clarifies “no deal” and data protection
The UK Government has published a "no deal" note to clarify how data protection law will work in the event that the UK leaves the EU without a deal. The note confirms that separate draft regulations and more detailed guidance…
Read more
EDPB finally issues draft guidelines on GDPR extra-territoriality
On 23 November 2018, the European Data Protection Board (the "EDPB") published its draft guidelines on Article 3 of the GDPR, being the provision that sets out the territorial scope of Europe's data protection legislation. The guidelines are only in…
Read more
Brexit Withdrawal Agreement: Impact for data protection
Following a UK Cabinet meeting on 14 November 2018, the UK Government has announced support for the text of a draft Withdrawal Agreement and an outline of the Political Declaration on the Future Relationship agreed with EU negotiators. The Withdrawal…
Read more
Data protection if there’s no Brexit deal
On 13 September 2018, the UK Government published a series of technical notes setting out the implications in various sectors and areas of a 'no deal' scenario (i.e. a scenario in which the UK leaves the EU without an agreement),…
Read more
Data breaches: new Article 29 Working Party guidance
In anticipation of the GDPR, various guidance has been published by the Article 29 Working Party, the body of national EU data regulators. Of most relevance in the cyber context is the guidance on personal data breach notifications; the Article…
Read more
Internet of Things – ICO’s six reasons why businesses should be thinking about data protection and the DCMS’s Secure by Design Report
In light of the booming market of the Internet of Things (“IoT”) and of the General Data Protection Regulation (“GDPR”), the Information Commissioner’s Office (“ICO”) has published an article focusing on the key factors manufacturers and retailers of IoT devices…
Read more
Compliant or not: the GDPR is here
The GDPR came into force on 25 May 2018 and brought with it additional rights for individuals and additional obligations for organisations. It also extends its reach beyond European borders and applies not just to companies within the EEA but…
Read more
GDPR Compliance: Just under a year to “get your house in order”
The European Commission published its first draft of the EU General Data Protection Regulation ("GDPR") in January 2012, which set out a comprehensive reform of the current existing EU regime. The reform was designed to give citizens more control and…
Read more
ENISA Guidance: Incident Reporting for Digital Service Providers under Cyber Security Directive and the interplay with GDPR
The new report referenced in the article above, follows comprehensive guidelines (the "Guidelines") published by ENISA in February 2017 for Member States and the European Commission on how to implement incident notification for "digital service providers" ("DSPs") across the EU,…
Read more
SWIFT publishes mandatory controls for customers
In April 2017, the Society for Worldwide Interbank Financial Telecommunications (SWIFT) published a final version of its Customer Security Controls Framework (the "Framework"), as part of its Customer Security Programme which launched in June 2016. SWIFT is a messaging network…
Read more
WannaCry: A chance to test systems and raise awareness at a global level?
In one of the most dramatic and widespread cyber attacks to date, on Friday 12 May 2017, a worldwide ransomware attack known as "WannaCrypt" or "WannaCry" began infecting hundreds of thousands of computers in over 150 countries. Starting in the…
Read more
Big Data Regulation: Coming soon to a business like yours?
The Financial Times recently referred to Big Data as "a vague term for a massive phenomenon that has rapidly become an obsession with entrepreneurs, scientists, governments and the media". And it does seem to appear from the headlines that there…
Read more
Full Steam Ahead: GDPR confirmed to apply in the UK despite Brexit
The UK Digital Minister Matt Hancock has confirmed in a written statement that the General Data Protection Regulation (the "GDPR") will come into force in the UK in May 2018 despite the UK's move towards Brexit. ...
Read more
Key contacts
Miriam Everett
Head of Data Protection and Privacy, London
+44 20 7466 2378
Andrew Moir
Partner, Global Head of Cyber Security, London
+44 20 7466 2570
Christine Young
Partner, Employment, London
+44 20 7466 2845