GDPR

Data Protection Predictions 2019

2018 was a landmark year for data protection and privacy; the EU General Data Protection Regulation (“GDPR”) came into effect on 25 May 2018 and implemented a comprehensive reform of the EU data protection regime. So what could 2019 possibly have in store for … Continue reading

Leave a Comment

Filed under Brexit, Data Protection & Privacy, EU Law, GDPR, Guidance, Regulation

UK Government note clarifies “no deal” and data protection

The UK Government has published a “no deal” note to clarify how data protection law will work in the event that the UK leaves the EU without a deal. The note confirms that separate draft regulations and more detailed guidance … Continue reading

Leave a Comment

Filed under Brexit, Data Protection & Privacy, EU Law, GDPR, UK Law

EDPB finally issues draft guidelines on GDPR extra-territoriality

On 23 November 2018, the European Data Protection Board (the “EDPB“) published its draft guidelines on Article 3 of the GDPR, being the provision that sets out the territorial scope of Europe’s data protection legislation. The guidelines are only in … Continue reading

Leave a Comment

Filed under Data Protection & Privacy, EU Law, GDPR, Guidance

General Data Protection Regulation: first enforcement notice shows extra-territorial reach

The UK data protection regulator, the Information Commissioner’s Office (ICO), has issued its first enforcement notice under the EU’s new strict data protection law, the General Data Protection Regulation (679/2016/EU) (GDPR). The notice is particularly noteworthy because it has been … Continue reading

Leave a Comment

Filed under Data Protection & Privacy, GDPR

Data protection if there’s no Brexit deal

On 13 September 2018, the UK Government published a series of technical notes setting out the implications in various sectors and areas of a ‘no deal’ scenario (i.e. a scenario in which the UK leaves the EU without an agreement), … Continue reading

Leave a Comment

Filed under Brexit, Data Protection & Privacy, EU Law, GDPR, Guidance, UK Law

Data breaches: new Article 29 Working Party guidance

In anticipation of the GDPR, various guidance has been published by the Article 29 Working Party, the body of national EU data regulators. Of most relevance in the cyber context is the guidance on personal data breach notifications; the Article … Continue reading

Leave a Comment

Filed under Cyber Security, Data Protection & Privacy, GDPR, Guidance

Public Sector IT Procurement Update: UK Government publishes updated Model Services Contract, guidance on GDPR re-papering and extends “G-Cloud 9” framework for cloud services procurement

Model Services Contract: On 1 January 2018, the Cabinet Office, Crown Commercial Service (“CCS“) and the Government Legal Service (“GLS“) published an updated version of the Model Services Contract (“MSC“). This version is stated to reflect developments in government policy, … Continue reading

Leave a Comment

Filed under GDPR, Outsourcing

UK Government Position Paper on International Transfers of Data – Key Points

The post below was first published on our Employment blog Last week the UK Government released its negotiating position paper on international transfers of personal data within the EEA (The Exchange and Protection of Personal Data). Once the UK leaves … Continue reading

Leave a Comment

Filed under Brexit, Consultations, Data Protection & Privacy, EU Law, GDPR

House of Lords EU Committee Report on Brexit and the EU Data Protection Package

On 18 July 2017 the House of Lords European Union Committee (the “Committee“) published a report covering the impact of Brexit on four aspects of the EU Data Protection Package: the General Data Protection Regulation (the “GDPR“) which will become … Continue reading

Leave a Comment

Filed under Brexit, Data Protection & Privacy, Digital, GDPR, Technology

EU – US Privacy Shield adequacy decision incorporated into the EEA Agreement

On 12 July 2016 the European Commission adopted an “adequacy decision” allowing for the transatlantic transfer of personal data from the EU to the US in accordance with the framework and principles of the EU-US Privacy Shield (the “Privacy Shield”). … Continue reading

Leave a Comment

Filed under Data Protection & Privacy, EU Law, GDPR, Regulation