National privacy law

NIS Directive and Regulations now in force

The EU Network and Information Systems Directive (“NISD”) was required to be implemented into national law by 9 May 2018. The UK implementing regulations (the Network and Information Systems Regulations 2018) (“Regulations”) are now in force. The Regulations impose cyber … Continue reading

Leave a Comment

Filed under Cyber Security, Data Protection, National privacy law

Data breaches: new Article 29 Working Party guidance

In anticipation of the GDPR, various guidance has been published by the Article 29 Working Party, the body of national EU data regulators. Of most relevance in the cyber context is the guidance on personal data breach notifications; the Article … Continue reading

Leave a Comment

Filed under Controllers, Data breach, Data Protection, GDPR, Guidance, National privacy law

Internet of Things – ICO’s six reasons why businesses should be thinking about data protection and the DCMS’s Secure by Design Report

In light of the booming market of the Internet of Things (“IoT”) and of the General Data Protection Regulation (“GDPR”), the Information Commissioner’s Office (“ICO”) has published an article focusing on the key factors manufacturers and retailers of IoT devices … Continue reading

Leave a Comment

Filed under Data Protection, DPIAs, GDPR, Guidance, IT and Technology, National privacy law, Uncategorized

UK Government endorses new data security standards and greater patient control over use of health data

The Department of Health published its Review of Data Security, Consent and Opt-Outs (the “Review”) earlier this year. Incidents such as WannaCry (refer to article above for more detail) have created awareness of the ease and speed with which cyber-attacks … Continue reading

Leave a Comment

Filed under Cyber Security, Data Protection, GDPR, National privacy law

Draft Data Protection Bill published – no major surprises for businesses

Following its Second Reading in the House of Lords, on 22 November 2017 the draft Data Protection Bill (the “Bill”) passed the Committee Stage and will next be considered at the Report Stage on 11 December 2017. The Bill was … Continue reading

Leave a Comment

Filed under Data Protection, GDPR, National privacy law

UK: Limits on employers’ ability to monitor private communications

The Grand Chamber of the European Court of Human Rights’ (ECtHR) ruling in Barbulescu v Romania (61496/08) is a timely reminder of the limits of employers’ ability to monitor their employees’ private activity on work IT systems. The case concerned … Continue reading

Leave a Comment

Filed under Data Protection, Data subject rights, IT and Technology, National privacy law, News

Council of the EU publishes Progress Report on draft EU ePrivacy Regulation

Last month the Council of the European Union published its progress report on the first draft of the ePrivacy Regulation (the “Draft Regulation”). The Draft Regulation was issued by the EC in January of this year and focuses on the … Continue reading

Leave a Comment

Filed under Data Protection, ePrivacy, GDPR, National privacy law

EU – US Privacy Shield adequacy decision incorporated into the EEA Agreement

On 12 July 2016 the European Commission adopted an “adequacy decision” allowing for the transatlantic transfer of personal data from the EU to the US in accordance with the framework and principles of the EU-US Privacy Shield (the “Privacy Shield”). … Continue reading

Leave a Comment

Filed under Brexit, Data Protection, National privacy law

Liberty granted rights to challenge the Snoopers’ Charter

The Investigatory Powers Act 2016 (the “Act“) received Royal Assent on 29 November 2016. Dubbed the “Snoopers’ Charter” it has been heavily criticised by various commentators, including the advocacy group Liberty. The main source of criticism has been around the … Continue reading

Leave a Comment

Filed under Data Protection, ePrivacy, National privacy law

EU Council publishes Progress Report on draft EU ePrivacy Regulation

On 15 May 2017, the Council of the European Union published its progress report (the “Report“) on the first draft of the ePrivacy Regulation (the “Draft Regulation“). The Draft Regulation focuses on the processing of personal data and protection of … Continue reading

Leave a Comment

Filed under Data Protection, ePrivacy, GDPR, National privacy law