ICO TELLS PEOPLE TO EXPECT DELAYS TO DSARS DURING COVID-19

Given the COVID-19 crisis, it is likely that data protection may no longer at the forefront of every controller’s mind, and rather, that business continuity has taken precedence. Acknowledging this shift and the need for companies to divert business as usual resources to their response to the crisis, the ICO has published two articles on … Read more

Schrems II: Standard Contractual Clauses Are Valid

The Advocate General (“AG“) of the Court of Justice of the European Union (“ECJ“) has recommended that the Standard Contractual Clauses (“SCCs“) should remain a valid mechanism to legitimise the transfer of personal data to third countries. However: Read more

The German FCO/Facebook decision: implications for data privacy regulation

The German competition authority, the Federal Cartel Office (“FCO“) last week announced the results of its investigation into Facebook for a novel abuse of dominance involving consent for its data collection. Whilst the full decision is not yet public, the FCO has published a background paper here. In short, the FCO found that Facebook had … Read more

Court of Appeal confirms Morrisons vicariously liable for employee’s deliberate actions in first successful UK class action for data breach

The Court of Appeal has today dismissed an appeal against the High Court’s decision that Morrisons was vicariously liable for its employee’s misuse of data, despite: (i) Morrisons having done as much as it reasonably could to prevent the misuse; and (ii) the employee’s intention being to cause reputational or financial damage to Morrisons itself: … Read more

UK: Limits on employers’ ability to monitor private communications

The Grand Chamber of the European Court of Human Rights’ (ECtHR) ruling in Barbulescu v Romania (61496/08) is a timely reminder of the limits of employers’ ability to monitor their employees’ private activity on work IT systems. The case concerned an employee’s personal use of a Yahoo Messenger account set up at the employer’s request … Read more