Focusing on the latest digital trends and risks and developments in the field of data protection, privacy, information and cyber law.
ICO guidance on data protection fees – notification is dead, long live registration
06 March 2018 Charlotte Mullarkey
To coincide with the implementation of the General Data Protection Regulation (GDPR), the UK data protection authority, the Information Commissioner’s Office (the ICO) has issued guidance on the new proposed fee arrangement for the registration of data controllers in the UK. Assuming this proposal is approved by Parliament, the new ‘data protection fee’ will come › Read More
Using artificial intelligence to fight financial crime – a legal risk perspective
27 February 2018 Ian Rodgers
The Head of the Financial Crime Department at the UK Financial Conduct Authority (the FCA), Rob Gruppetta, gave a speech on “Using artificial intelligence to keep criminal funds out of the financial system” in December 2017 (1). In it, he explored how artificial intelligence (AI) could potentially be used to prevent financial crime, and for › Read More
GDPR Guidelines – Is The Article 29 Working Party Going Too Far?
12 January 2018 David Smith
The Article 29 Working Party has been working overtime to publish guidelines on a wide range of GDPR requirements. Not surprisingly, given the impact of the GDPR, there have been calls for even more guidance but the data protection authorities that make up the Working Party have limited resources and it is not always easy › Read More
WP29 guidelines on consent under GDPR
02 January 2018 Nigel Parker
The WP29’s draft guidelines on consent begin with some good advice. “[A] controller must always take time to consider whether consent is the appropriate lawful ground for the… processing or whether another ground should be chosen instead”. The decision whether or not to seek and rely on consent has heightened importance under the GDPR, given › Read More
WP29 guidelines on transparency under GDPR
29 December 2017 Nigel Parker
Shortly before the Christmas break, the Article 29 Working Party (WP29) published keenly awaited draft guidelines on transparency and consent under the GDPR. These guidelines will be closely scrutinised. Privacy notices, requests for consent, how an organisation deals with data subject enquiries regarding the processing of personal data, and how an organisation communicates information in › Read More
VCAST cloud television recording service constitutes unlawful communication to the public
15 December 2017 Alex Woolgar
In its judgment on a reference from the District Court of Turin (Italy), the CJEU determined that a service enabling consumers to have free-to-air television content received remotely and directly recorded onto a personal cloud storage space, was unlawful. Although the questions referred by the Italian court were not framed as such, the CJEU used this reference › Read More