UK
Irish DPC tells Facebook to stop transferring data to the US: Should panic ensue?
The Wall Street Journal reported Sept. 9 that Ireland’s Data Protection Commissioner issued a preliminary order that Facebook must stop transferring user data to the U.S. The order, which was reported based on anonymous sources “according to people familiar with the matter,” follows the Court of Justice of the European Union’s ruling…
Read More »Data Protection and the death of the US Privacy Shield
September 16, 12:00p.m. – 1:00p.m. The legal and ethical need to protect personally sensitive data is well understood. Equally, the extra-territorial reach of the EU’s GDPR legislation and the trans-Atlantic Privacy Shield agreement have been part of the recent landscape for doing business. However, COVID notwithstanding, this year is upsetting…
Read More »The increasing importance of a DPIA
As organizations scramble to implement alternative data transfer mechanisms and fill in their compliance gaps following the “Schrems II” decision, one important tool remains overlooked: the DPIA (data protection impact assessment). Based on the text Article 35 of the EU General Data Protection Regulation and subsequent European Data Protection Board guidance,…
Read More »MPs slam UK data regulator over people’s privacy rights
The UK’s data regulator hasn’t done enough to stop the government from disregarding fundamental privacy rights during the pandemic, a cross-party group of 20 opposition MPs has said. The claims come in a letter (PDF) sent to Elizabeth Denham, the head of the Information Commissioner’s Office (ICO), with the MPs…
Read More »After Schrems II: Contracts No Longer Enough For Data Transfer
I. The Striking Difference Between Schrems I and Schrems II It would be misleading to view last week’s Schrems II[1] decision as only having an effect similar to that of the Schrems I[2] decision in 2015. While Schrems I invalidated the EU-US Safe Harbor treaty for cross-Atlantic data transfer, organisations still…
Read More »Has British Airways just revealed how much its ICO fine will be?
The reporting requirements for listed companies may have given a strong hint as to how much the ICO will fine British Airways (BA) for its data breach. Spoiler alert: it’s likely to be far less than the £184 million announced a year ago, and could be as little as 10%…
Read More »How Schrems II will impact data sharing between the UK and the US
Transferring personal data internationally has become more difficult in recent days. The Court of Justice of the European Union (CJEU) has invalidated the Privacy Shield, an EU adequacy decision that allowed data to flow freely from the UK and EU to more than 5,300 companies in the US. At the…
Read More »Privacy groups hit out at fresh delay to adtech probe
Privacy groups have ramped up their attack on the data regulator’s continued failure to stamp out the adtech industry’s widespread abuse of personal data, after the Information Commissioner’s Office admitted it could be 2021 before its investigation into the market resumes. The ICO first began reviewing data protection practices in the realtime…
Read More »99% of UK organisations suffered security breaches in the past one year
The survey, conducted by Opinion Matters and commissioned by VMware Carbon Black, gauged responses from 251 UK CIOs, CTOs, and CISOs from UK organisations on the nature and frequency of cyber attacks targeting their organisations, whether they suffered breaches as a result, and how prepared they are to defend against…
Read More »UK regulator urges reforms to curb Google, Facebook ad power
LONDON (AP) — British regulators want new rules to foster competition in digital advertising markets and rein in the industry’s dominant players, Google and Facebook. The Competition and Markets Authority took aim at the U.S. tech giants in a report Wednesday that recommends the British government adopt a new regulatory…
Read More »
Schrems II Judgment Day
The Court of Justice of the European Union (“CJEU“) issued its judgment today in …
