Facebook reached a settlement with the UK Information Commissioner’s Office, agreeing to pay a fine of 500,000 GBP in relation to the processing and sharing of its users’ personal data with Cambridge Analytica.
Continue Reading
Data Protection Act
UK Court of Appeal Permits Activist to Proceed with Claim for Damages Against Google
Posted on
On October 2, 2019, the UK Court of Appeal handed down its judgment on the appeal in Richard Lloyd v. Google LLC, in which Richard Lloyd, a consumer protection advocate, seeks to bring a representative action on behalf of four million Apple iPhone users against Google LLC in the United States. Previously, the High Court had refused to grant permission for the proceedings to be served outside the UK. The Court of Appeal reversed the High Court’s judgment, granting permission for service outside the UK and allowing the representative action to proceed. The judgment is significant as it paves the way for representative actions (equivalent to class actions) for data protection infringements in the UK.
…
Continue Reading
High Court Dismisses Challenge to Police Use of Facial Recognition Technology
Posted on
On September 4, 2019, the High Court of England and Wales dismissed a challenge against South Wales Police’s use of Automated Facial Recognition technology, determining that the police’s use of AFR had been necessary and proportionate to achieve their statutory obligations.…
Continue Reading
New French Data Protection Act and Implementing Decree Take Force
Posted on
Posted in European Union, International
On June 1, 2019, New Decree No. 2019-536 took force, enabling the French Data Protection Act, as amended by an Ordinance of December 12, 2018, likewise to enter into force. This blog entry provides an overview of the developments. …
Continue Reading
Age Appropriate Design: ICO Issues Draft Code of Practice for Online Services Used by Children
Posted on
On April 15, 2019, the UK Information Commissioner’s Office issued for public consultation a draft code of practice that, once in effect, will regulate the provision of online services likely to be accessed by children in the UK. This blog entry provides an overview of the draft code. …
Continue Reading
Dutch DPA Issues Guidelines on Privacy Policies Following Investigation
Posted on
On April 17, 2019, the Dutch Data Protection Authority issued six recommendations for companies, to be taken into account when drafting privacy policies. This blog entry provides an overview of the recommendations as well as the investigation which preceded their issuance. …
Continue Reading
UK Supreme Court Gives Morrisons Permission to Appeal Data Breach Class Action
Posted on
The UK Supreme Court has granted VM Morrison Supermarkets PLC permission to appeal an October 2018 UK Court of Appeal ruling that Morrisons was vicariously liable for a data breach caused by a former employee. This blog entry provides an overview of the case.…
Continue Reading
ICO Issues GBP 400,000 Fine for Illegal Collection and Sharing of Personal Data
Posted on
On April 9, 2019, the UK Information Commissioner’s Office levied one of its most significant fines under the Data Protection Act 1998 against Bounty (UK) Limited. …
Continue Reading
The CNIL Serves Formal Notice to WhatsApp Regarding Sharing Data with Facebook
Posted on
On December 18, 2017, the French data protection authority publicly announced that it served a formal notice to WhatsApp regarding the sharing of WhatsApp users’ data with Facebook Inc. This decision, dated November 27, 2017, follows the investigations led by the CNIL regarding Facebook’s 2014 acquisition of WhatsApp.…
Continue Reading
UK Government Introduces Draft Data Protection Bill to Parliament
Posted on
Posted in European Union, International
On September 14, 2017, the UK Government introduced a new Data Protection Bill to Parliament, which is intended to replace the UK’s existing Data Protection Act 1998 and enshrine the GDPR into UK law once the UK has left the European Union.…
Continue Reading