Uncategorised

The Netherlands: Obligation to notify serious cybersecurity incidents might expose banks to new risks

Peter Eijsvoogel

A draft Dutch law will, once adopted, require mandatory notification of security breaches or loss of integrity of ICT systems that may have a significant impact on the availability or integrity of certain vital products or services (the Bill). The Bill will affect the financial services sector. The new law is expected to take effect Read More

No Comments

Autonomous & connected vehicles: navigating the legal issues

Nigel Parker

Research has forecast the inexorable rise of the “connected car” and the continued push towards autonomous vehicles. We can expect to see significant disruption to the automotive industry as a consequence of changes to the value chain and business models driven by these developments. We have prepared a paper, which discusses key trends and legal Read More

No Comments

Payment service providers face even tougher DP requirements than those under the GDPR

Jane Finlayson-Brown

Application Programming Interfaces (APIs) are bringing new open banking initiatives to the forefront of online payment services, with huge potential for innovation.  Although access to data is essential in the rise of APIs, processing personal data for open banking initiatives covered by Payment Services Directives or the Open Banking Standard will always require explicit consent. Read More

No Comments

Musings from Marrakech

David Smith

I had the pleasure of attending the 38th International Conference of Data Protection and Privacy Commissioners in Marrakech. Although, for the first time, I wasn’t eligible to take part in the first day and a half of the conference, which is a closed session for accredited data protection authorities, I was able to participate in Read More

No Comments

Are We Heading Towards Personal Liability for Data Protection Breaches?

David Smith

A couple of weeks ago I heard Stephen Eckersley, the ICO’s Head of Enforcement being put on the spot on Radio 4 about the number of the fines imposed by the ICO that have gone unpaid. This isn’t a problem with what might be considered the more reputable businesses that pay up when fined but Read More

No Comments

ICO announced record fine on TalkTalk in relation to cyber attack

Lawson Caisley

On 5 October 2016, the Information Commissioner’s Office announced that it had imposed a record fine on TalkTalk in relation to the cyber attack suffered by TalkTalk last year. Click here for the official announcement. The following key points arise out of the ICO’s decision and comments: TalkTalk was fined because the ICO concluded that Read More

No Comments