General Data Protection Regulation

What impact is GDPR having on M&A deals?

Nigel Parker

Data protection issues feature increasingly in mergers and acquisitions.  This is driven by a range of factors, including in particular the growing realisation of the value of personal data to a business as well as more widespread appreciation of the risks involved in processing personal data.  The GDPR has acted as a catalyst and data Read More

No Comments

ICO Brings Some Welcome Clarification to the GDPR’s International Transfer Rules

David Smith

One of the challenges thrown up by the GDPR is understanding the interrelation between the extra-territorial scope provisions in Article 3 and the restrictions on international transfer in Chapter V. How, for example, do the international transfer restrictions apply, if they apply at all, to a data controller that has no presence in the EU Read More

No Comments

ICO guidance on data protection fees – notification is dead, long live registration

Charlotte Mullarkey

To coincide with the implementation of the General Data Protection Regulation (GDPR), the UK data protection authority, the Information Commissioner’s Office (the ICO) has issued guidance on the new proposed fee arrangement for the registration of data controllers in the UK. Assuming this proposal is approved by Parliament, the new ‘data protection fee’ will come Read More

No Comments

Using artificial intelligence to fight financial crime – a legal risk perspective

Ian Rodgers

The Head of the Financial Crime Department at the UK Financial Conduct Authority (the FCA), Rob Gruppetta, gave a speech on “Using artificial intelligence to keep criminal funds out of the financial system” in December 2017 (1). In it, he explored how artificial intelligence (AI) could potentially be used to prevent financial crime, and for Read More

No Comments

GDPR Guidelines – Is The Article 29 Working Party Going Too Far?

David Smith

The Article 29 Working Party has been working overtime to publish guidelines on a wide range of GDPR requirements. Not surprisingly, given the impact of the GDPR, there have been calls for even more guidance but the data protection authorities that make up the Working Party have limited resources and it is not always easy Read More

No Comments

WP29 guidelines on transparency under GDPR

Nigel Parker

Shortly before the Christmas break, the Article 29 Working Party (WP29) published keenly awaited draft guidelines on transparency and consent under the GDPR. These guidelines will be closely scrutinised. Privacy notices, requests for consent, how an organisation deals with data subject enquiries regarding the processing of personal data, and how an organisation communicates information in Read More

No Comments