Tag Archives: Data Protection Act

UK ICO Revises Subject Access Guidance Following Court Rulings

On June 20, 2017, the UK Information Commissioner’s Office published an updated version of its Code of Practice on Subject Access Requests. The updates are primarily in response to three Court of Appeal decisions from earlier this year regarding data controllers’ obligations to respond to subject access requests. The revisions more closely align the ICO’s position with the court’s judgments.… Continue Reading

DPA of Argentina Issues Draft Data Protection Bill

Pablo Palazzi, from Buenos Aires law firm Allende & Brea, reports that earlier this month, the Argentine Data Protection Agency posted the first draft of a new data protection bill on its website. The Draft Bill is heavily based on the EU GDPR and maintains the structure of Argentina’s current data protection bill.… Continue Reading

UK Government Quizzed on GDPR Implementation and Post-Brexit Data Protection

On February 1, 2017, Matt Hancock, the UK Government Minister responsible for data protection, was questioned by the House of Lords committee on the UK’s implementation plan of the EU General Data Protection Regulation in the context of Brexit. In responding to the questioning, Hancock revealed further details into the UK Government’s position on implementing the GDPR into UK law.… Continue Reading

Entry into Force of the French Digital Republic Bill

On October 7, 2016, the French Digital Republic Bill (the “Bill”) was enacted after a final vote from the Senate. The Bill aligns the French legal data protection framework with the EU General Data Protection Regulation (“GDPR”) requirements before the GDPR becomes applicable in May 2018.… Continue Reading

French Parliament Rejects Data Localization Amendment

On June 30, 2016, a joint committee composed of representatives from both chambers of the French Parliament reached a common position on the French ‘Digital Republic’ Bill that rejects the data localization amendment previously approved by the French Senate, but significantly amends other aspects of the French Data Protection Act. … Continue Reading

UK ICO Releases Its Annual Report for 2013/2014

On July 15, 2014, the UK Information Commissioner's Office released its Annual Report for 2013/14, in which it calls for increases in its funding and substantial new powers to help combat a range of growing privacy and data protection concerns.… Continue Reading

UK ICO to Investigate Only Serious or Repeat Violations

On December 18, 2013, the UK Information Commissioner's Office published a public consultation document containing its proposed strategy for handling data protection violation complaints. The ICO is seeking comments on the proposal through January 31, 2014, and intends to implement the new approach beginning in April.… Continue Reading

ICO Privacy Notice Code Review

As we reported on October 8, 2013, the UK Information Commissioner's Office is in the process of reviewing its Privacy Notices Code of Practice. With the November 30 deadline for submitting comments fast approaching, today the ICO's Head of Policy Delivery posted a request for feedback on the ICO blog.… Continue Reading

Review of UK ICO Privacy Notices Code of Practice

In its October 2013 e-newsletter, the UK Information Commissioner's Office announced that it is reviewing its Privacy Notice Code of Practice to assess whether it should be updated. The Code, last updated in December 2010, is designed to assist organizations in drafting privacy notices.… Continue Reading

UK ICO Publishes New Guidance on Direct Marketing

On September 10, 2013, the UK Information Commissioner’s Office (“ICO”) published new guidance on direct marketing (the “Guidance”). The Guidance explains the application of the two principal legislative instruments that affect direct marketing in the UK: (1) the Privacy and Electronic Communications (EC Directive) Regulations 2003 (“PECR”), which relates specifically to direct marketing; and (2) … Continue Reading

UK ICO Publishes Social Networking and Online Forums Guidance

The UK Information Commissioner’s Office has published guidance on the application of Data Protection Act requirements to social networking sites and online forums. The guidance emphasizes that organizations and individuals that process data for business purposes must comply with DPA requirements in their use of social networking sites and online forums just as they would in any other context.… Continue Reading