Free tools and resources for Data Protection Officers!

Tag Archives for " UK "

Legal proceedings to start following EU citizens’ immigration data access controversy

EU citizens have to launch a legal case against a law which stops people from gaining access to immigration data held on them by the Home Office and other government organisations.

A campaign group named the3million has now been granted a judicial review against the government regarding an element of the Data Protection Act 2018; the group represents UK-based EU citizens as well as the Open Rights Group.

Source: Legal proceedings to start following EU citizens’ immigration data access controversy

Home Affairs plays down encryption law fears and promises to help industry cover costs

The UK home affairs department has sought to allay concerns about encryption legislation rushed through parliament at the end of 2018, promising to help pay for the costs of new surveillance capabilities and to consult industry on implementation.

In January the department contacted industry participants seeking help to write guidelines for the new regime of compulsory notices to access the electronic communications of people suspected of crimes or build new capabilities to help break encryption.

Full article: Home Affairs plays down encryption law fears and promises to help industry cover costs | Australia news | The Guardian

CCPA: How will new privacy law impact trade with America?

You wait years for data privacy regulations to catch up with current data processing requirements and then, like buses, two arrive at the same time. Many UK organisations may well feel like they have been hit by a bus, given the dramatic impact that the General Data Protection Regulation (GDPR) has had since its implementation in May.

Full article: CCPA: How will new privacy law impact trade with America?

Draft Brexit Data Protection Regulations would undermine adequacy determination for the UK

One thing can be certain following the recent Brexit Parliamentary shenanigans. The UK will eventually choose from: (a) a hard Brexit; (b) a deferred Brexit; (c) a Brexit perhaps softer than Mrs May’s defeated Brexit, or (d) no Brexit. As most options involve Brexit, the approach the Government has adopted to align Brexit with the GDPR is important.

Full article: Draft Brexit Data Protection Regulations would undermine adequacy determination for the UK

Department of Commerce Updates Privacy Shield FAQs to Clarify Applicability to UK Personal Data

On December 20, 2018, the Department of Commerce updated its frequently asked questions on the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks to clarify the effect of the UK’s planned withdrawal from the EU on March 29, 2019.

The FAQs provide information on the steps Privacy Shield participants must take to receive personal data from the UK in reliance on the Privacy Shield after such time.

Source: Department of Commerce Updates Privacy Shield FAQs to Clarify Applicability to UK Personal Data | Privacy & Information Security Law Blog

ICO consults on its proposed Freedom of Information strategy 

The ICO continues to promote the reform of access to information legislation so it remains fit for purpose. Later this month, the ICO will publish a report to Parliament in order to make recommendations for change in relation to outsourced public services.

Source: ICO consults on its proposed Freedom of Information strategy – Privacy Laws & Business

Parliament fails to approve the EU Withdrawal Agreement: Data protection implications

On 25 November 2018 the UK Government and the EU agreed a draft withdrawal agreement which set out the terms of the UK’s departure from the EU and made a political declaration on the framework for their future relationship, as provided for under Article 50(2) of the Treaty on European Union ( Withdrawal Agreement ).

The purpose of the Withdrawal Agreement is to set out the terms of the UK’s departure from the EU and provide a transition period during which a more nuanced and ambitious future relationship can be agreed.

Full article: Parliament fails to approve the EU Withdrawal Agreement: Data protection implications

UK government gives advice to online businesses in case of no-deal Brexit

The UK government has issued guidance for online businesses and service providers on how to operate in the European Economic Area (EEA) should the UK leave the EU at the end of March with no withdrawal agreement.

The guidance covers activities governed by the EU’s e-Commerce Directive, including online retail, social media, search engines, video sharing sites, and internet service providers

Full article: UK government gives advice to online businesses in case of no-deal Brexit

Irish Data Protection Advisory Releases Guidance on Data Consequences following ‘No Deal Brexit’

Guidance on what should happen with transfers of personal data to and from the United Kingdom, including Northern Ireland, following a possible ‘no deal’ Brexit has been published by the Irish Data Protection Commission (DPC).

The organisation warned that Irish and Irish-based companies that manage private personal data will be required to ensure data being transferred to the UK is done so lawfully following a possible March 29 date the UK leaving the European Union. From that date, in the event of no exit deal being agreed, the UK must be treated as any other non-EU State and would not enjoy the existing free movement of data that it currently does.

Full article: Irish Data Protection Advisory Releases Guidance on Data Consequences following ‘No Deal Brexit’ – Compliance Junction

GDPR May Add Up To $8.8B Marriott’s Data Breach Expenses

Marriott data breach is under investigation in several countries, where the hotel and resorts giant has a presence. In the E.U., Information Commissioner’s Office (ICO) leads the investigation.

Given that the global annual revenue of the company reached $22.89 billion in 2017 and the strictest fine could amount to 4% of it, the sanctions imposed by the E.U. could be translated to $8.8 billion.

Full article: GDPR May Add Up To $8.8B Marriott’s Data Breach Expenses

>