Focusing on the latest digital trends and risks and developments in the field of data protection, privacy, information and cyber law.

A first look at the New UK Data Protection Bill

Praveeta Thayalan

The new UK Data Protection Bill (the Bill) was published on 14 September 2017 and, once enacted, will repeal the Data Protection Act 1998 (the DPA). The Bill preserves parts of the DPA and implements the standards of the General Data Protection Regulation (the GDPR) across the categories of data processing within the scope of Read More

UK government publishes its data protection wish list for Brexit

David Smith

On 24 August 2017, the UK Government’s Department for Exiting the European Union published a future partnership paper outlining its proposal for a shared approach to data protection following Brexit.  The paper represents a welcome initiative from the UK Government as it seeks to preserve the UK’s position, participation and influence in EU data protection Read More

A deep dive into data processing at work: DPA advice on GDPR

LaurieAnne Ancenys

Laurie-Anne Ancenys of Allen & Overy looks at the recently adopted DPA guidance, which states that employers are unlikely to be able to rely on employee consent in the future. This article was first published in Privacy Laws & Business International Report, August 2017, www.privacylaws.com. You can read the full article here: A deep dive into data Read More

Do we learn anything new from the UK Government’s Statement of Intent?

Charlotte Mullarkey

On 7 August the UK Government’s Department of Digital, Culture, Media and Sport published a Statement of Intent in relation to the new Data Protection Bill. This comes only a month before we were led to expect to see the draft Bill itself. At first glance, notwithstanding some of the headlines in the press, it Read More

ICO investigation into the Royal Free’s use of patient data used as an opportunity to educate

Charlotte Mullarkey

In a case which has wide implications for the health care sector, the ICO has ruled that the Royal Free NHS Foundation Trust failed to comply with the UK Data Protection Act when it provided personal data of about 1.6 million patients to Google DeepMind. The personal data was provided as part of a trial Read More

A29 Working Party Opinion on Data Processing at Work

Nigel Parker

  The boundaries between work and home are increasingly blurred.  This means employee monitoring activities can inadvertently extend to monitoring employees in a private context. The Article 29 Working Party recently published a new opinion concerning data processing at work. It covers a wide range of topics, including the processing of employee data on social Read More