Enforcement

Cyberattack on German Public Figures Leads To One of Germany’s Largest Data Breaches

Last week, it was announced that during December 2018 almost one thousand German public figures, including journalists and a number of prominent politicians including the Chancellor and President, were the subject of one of Germany’s largest data breaches. The leaked … Continue reading

Leave a Comment

Filed under Data breach, Data subject rights, Enforcement

Data Protection Predictions 2019

2018 was a landmark year for data protection and privacy; the EU General Data Protection Regulation (“GDPR“) came into effect on 25 May 2018 and implemented a comprehensive reform of the EU data protection regime. So what could 2019 possibly have in store for … Continue reading

Leave a Comment

Filed under Brexit, Data Protection, Enforcement, ePrivacy, GDPR, Guidance, Uncategorized

General Data Protection Regulation: first enforcement notice shows extra-territorial reach

The UK data protection regulator, the Information Commissioner’s Office (ICO), has issued its first enforcement notice under the EU’s new strict data protection law, the General Data Protection Regulation (679/2016/EU) (GDPR). The notice is particularly noteworthy because it has been … Continue reading

Leave a Comment

Filed under Enforcement, Extra-territoriality, GDPR

Court of Appeal confirms Morrisons vicariously liable for employee’s deliberate actions in first successful UK class action for data breach

The Court of Appeal has today dismissed an appeal against the High Court’s decision that Morrisons was vicariously liable for its employee’s misuse of data, despite: (i) Morrisons having done as much as it reasonably could to prevent the misuse; … Continue reading

Leave a Comment

Filed under Cyber Security, Data breach, Data Protection, Data subject rights, Enforcement, GDPR, News

Morrisons – the first successful class action in the UK for data breach

On 1 December 2017, the High Court handed down its judgment on the UK’s first class action arising from a data breach (Various Claimants v Morrisons). The High Court allowed the claim and deemed Morrisons to be vicariously liable for … Continue reading

Leave a Comment

Filed under Data breach, Data Protection, Enforcement

Google DeepMind trial failed to comply with data protection law

On 3 July 2017 the Information Commissioner’s Office (“ICO“) determined that the Royal Free NHS Foundation Trust (the “Trust“) had breached the Data Protection Act 1998 (the “Act”) when it provided patient details to Google’s DeepMind. The Trust provided personal … Continue reading

Leave a Comment

Filed under Data breach, Data Protection, Data subject rights, Enforcement, IT and Technology, News

New mandatory data breach reporting law passed

The Federal Government has today passed the Privacy Amendment (Notifiable Data Breaches) Act 2016 to amend the Privacy Act 1988 to include mandatory notification of eligible data breaches. This was the government’s third attempt at legislating data breach notification as a … Continue reading

Leave a Comment

Filed under Data breach, Data Protection, Enforcement

All TalkTalk, no action? UK Information Commissioner issues record fine of £400,000 for TalkTalk’s cyber security breach

The fine was the consequence of a cyber security breach in October 2015, which led to the theft of personal data of almost 157,000 customers, including the bank account number and sort code details of nearly 16,000 customers.

Leave a Comment

Filed under Cyber Security, Data breach, Data Protection, Enforcement

US Court Ruling Prohibits US Government Seizure of E-mails Stored Outside the United States

A federal appeals court handed a major win to Microsoft when it ruled that US authorities cannot compel US tech companies to disclose e-mail content that they store on servers located outside the United States. The case arises from Microsoft’s … Continue reading

Leave a Comment

Filed under Data breach, Data Protection, Data subject rights, Disclosures, Enforcement, IT and Technology