Focusing on the latest digital trends and risks and developments in the field of data protection, privacy, information and cyber law.

DPOs and the GDPR: Part 2 – Appointing a DPO

Ondrej Kramolis

In its newly published opinion, the Article 29 Working Party (WP29) provides some useful input into discussion on the nature of the role of data protection officers (DPOs) under the GDPR. This is a question which many organisations have been grappling with, as they assess who should take on this role. The WP29 considers the qualifications Read More

DPOs and the GDPR: Part 1 – When is a DPO needed?

Catherine di Lorenzo

On 16 December 2016, the Article 29 Working Party (WP29) released highly anticipated guidelines on some of the most critical matters in the implementation of the General Data Protection Regulation (GDPR). These guidelines are not legally binding, but local data protection authorities are likely to follow them.  The WP29 does invite comment on the guidelines Read More

ePrivacy laws – draft Regulation leaked

Charlotte Mullarkey

As anticipated, a draft of the proposed replacement EU ePrivacy law has been leaked. While this draft still appears to be under review, it does provide an interesting indication of what we are likely to see in the proposed legislation next month. Given the extent of discussion around this revision, and the attention given to Read More

Article 29 Working Party opinion on proposed amendments to adequacy decisions

Charlotte Mullarkey

The Article 29 Working Party (WP29) has published Opinion 04/2016 (the Opinion) on two European Commission draft Decisions aimed at curing the defects in the Commission determinations of the adequacy of protection (Adequacy Decisions) identified by the CJEU in Schrems.  Although dated 31st October 2016, it appears to have been only published on Friday and the Read More

Payment service providers face even tougher DP requirements than those under the GDPR

Jane Finlayson-Brown

Application Programming Interfaces (APIs) are bringing new open banking initiatives to the forefront of online payment services, with huge potential for innovation.  Although access to data is essential in the rise of APIs, processing personal data for open banking initiatives covered by Payment Services Directives or the Open Banking Standard will always require explicit consent. Read More

Why the UK will continue to be “The Bee’s Knees” when it comes to data protection

David Smith

We have just seen an announcement from the Information Commissioner, Elizabeth Denham, about the appointment of a new Deputy, Rob Luke, who was previously British High Commissioner to Malta, and has also served overseas in Brazil and Paris as well as in policy roles at the Foreign & Commonwealth Office in London. In her announcement Read More