On January 19, 2021, the UK Information Commissioner’s Office published its analysis of the application of the UK General Data Protection Regulation to transfers from UK-based firms or branches that are registered, required to be registered or otherwise regulated by the U.S. Securities and Exchange Commission.
Continue Reading ICO Confirms UK Firms May Rely on Public Interest Derogation for SEC Transfers
Information Commissioners Office
EU-UK Trade Deal: What It Means For Post-Brexit Data Flows
On December 24, 2020, the European Union and the United Kingdom reached an agreement in principle on the historic EU-UK Trade and Cooperation Agreement. For data protection purposes, there is a further transition period of up to six months to enable the European Commission to complete its adequacy assessment of the UK’s data protection laws. For the time being, personal data can continue to be exported from the EU to the UK without implementing additional safeguards.…
Continue Reading EU-UK Trade Deal: What It Means For Post-Brexit Data Flows
ICO Publishes Data Sharing Code of Practice
On December 17, 2020, the UK Information Commissioner’s Office (“ICO”) published its Data Sharing Code of Practice (the “Code”), in accordance with its obligation to do so under the Data Protection Act 2018 (the “DPA”).…
Continue Reading ICO Publishes Data Sharing Code of Practice
CIPL Submits Response to UK DCMS’ National Data Strategy Consultation
On December 2, 2020, the Centre for Information Policy Leadership at Hunton Andrews Kurth submitted its response to the UK Department for Digital, Culture, Media and Sport’s UK National Data Strategy consultation. In its response, CIPL highlights several considerations for DCMS when further developing and implementing its NDS.…
Continue Reading CIPL Submits Response to UK DCMS’ National Data Strategy Consultation
ICO Fines Ticketmaster 1.25 Million Pounds for Security Failures
On November 13, 2020, the UK Information Commissioner’s Office fined Ticketmaster UK Limited £1.25 million for failing to keep its customers’ personal data secure.…
Continue Reading ICO Fines Ticketmaster 1.25 Million Pounds for Security Failures
Webinar on Brexit and Adequacy: Separating Fact from Fiction
On November 10, 2020, Hunton Andrews Kurth will host a webinar examining the data protection considerations that arise on the UK’s departure from the EU. The UK’s Brexit transition period ends on December 31, 2020, and it is not clear whether the EU will formally recognize the UK’s data protection regime as ‘adequate.’ What does this mean for companies’ plans to update their data transfer mechanisms? Is adequacy the holy grail it is widely believed to be? What other issues must be considered? Is there still time?
…
Continue Reading Webinar on Brexit and Adequacy: Separating Fact from Fiction
CIPL Submits Response to DCMS Consultation on Representative Actions
On October 22, 2020, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth submitted its response to the UK Department for Digital, Culture, Media and Sport (“DCMS”) call for views and evidence on its review of representative actions under Section 189 of the Data Protection Act 2018 (“DPA”). Section 189 requires the UK government to review the operation of the representative action provisions of the DPA and provide a report to Parliament by November 25, 2020.
…
Continue Reading CIPL Submits Response to DCMS Consultation on Representative Actions
ICO Publishes Report on Compliance in Direct Marketing Data Broking Sector
On October 27, 2020, the UK Information Commissioner’s Office published a report following its investigation into data protection compliance in the direct marketing data broking sector, alongside its enforcement action against Experian.…
Continue Reading ICO Publishes Report on Compliance in Direct Marketing Data Broking Sector
ICO Fines Marriott International £18.4 Million for Security Breach
On October 30, 2020, the UK Information Commissioner’s Office announced its fine of £18.4 for Marriott International, Inc., for violations of the GDPR, a significant decrease from the proposed fine of £99,200,396 announced in July 2019.…
Continue Reading ICO Fines Marriott International £18.4 Million for Security Breach
ICO Issues Enforcement Notice Against Experian
On October 27, 2020, the UK Information Commissioner’s Office published its enforcement notice against credit reference agency Experian Limited under Section 149 of the Data Protection Act 2018.…
Continue Reading ICO Issues Enforcement Notice Against Experian