General Data Protection Regulation

Should we be Surprised by the Latest ICO Fines?

David Smith

Like many others in the data protection world I was initially taken aback by the size of latest fines proposed by the ICO. The idea of fining British Airways in excess of £183m and Marriott International nearly £100m for data breaches that in pre-GDPR days would have attracted fines of no more than £500,000, and Read More

No Comments

ICO bares its teeth with plans to issue over £280m in fines

Adam Smith

Those in the travel sector would be forgiven for feeling rather nervous after the UK’s Information Commissioner’s Office (ICO) announced plans to issue major fines to British Airways and Marriott International following separate data breach incidents in 2018. On 8 June 2019, the ICO issued a statement of its intention to fine British Airways £183.39m Read More

No Comments

New UK ICO guidance on cookies and similar technologies

Nigel Parker

Recent changes to the cookie consent tool on www.ico.org.uk were a good sign that updated guidance from the ICO, on the use of cookies and similar technologies, would soon arrive. The ICO duly published its updated guidance on 3 July. In the run up to GDPR, and since, many companies have adopted enhanced cookie consent tools Read More

No Comments

Adtech tête-à-tête

Karishma Brahmbhatt

Since the dawn of the GDPR-era almost ten months ago, the Adtech industry has found itself the privacy equivalent of Pantone’s Color of the year. During their relatively short stint under the GDPR microscope, adtech players have already seen: 1. Web and cross-device tracking for marketing making its way onto the ICO’s priority-list for 2018-2019; Read More

No Comments

EDPB adopts an opinion on the GDPR and Clinical Trials Regulation –clarifying the basis for processing personal data in a clinical trial context

Emma Keeling

On the 23 January 2019, the European Data Protection Board (the EDPB) adopted an opinion on the interplay between the EU Clinical Trials Regulation (536/2014) (the CTR) and the General Data Protection Regulation (2016/679) (the GDPR) (the Opinion). The Opinion aims to provide greater certainty for those conducting clinical trials, clarifying: • the distinction between Read More

No Comments

German antitrust authority restricts Facebook’s processing of user data

Catharina Glugla

On 7 February 2019 the German antitrust authority (Bundeskartellamt) found that the extent to which Facebook collects, merges, attributes to and uses data in user accounts amounts to an abuse of a dominant position on the market for social networks. Under Facebook’s current terms and conditions, users have to agree to Facebook: (1) collecting user Read More

No Comments