On July 6, 2021, it was reported that British Airways had settled a UK class action lawsuit relating to its 2018 data breach, in which approximately 430,000 data subjects were affected.
Continue Reading British Airways Settles UK Breach Class Action
Information Commissioners Office
European Commission Publishes Final Version of Updated Standard Contractual Clauses
On June 4, 2021, the European Commission published the final version of the implementing decision on standard contractual clauses for transfers of personal data to third countries under the EU General Data Protection Regulation, as well as the final version of the new standard contractual clauses.
Continue Reading European Commission Publishes Final Version of Updated Standard Contractual Clauses
Ticketmaster Appeal of ICO Fine Stayed by UK Tribunal Until 2023
On April 9, 2021, the First-Tier Tribunal of the General Regulatory Chamber stayed proceedings in Ticketmaster UK Limited’s (“Ticketmaster’s”) appeal against a fine issued by the UK Information Commissioner’s Office (“ICO”) until 28 days after a judgment in civil litigation brought by 795 customers against Ticketmaster. The group action, which relates to the breach for which Ticketmaster was fined by the ICO, is currently before the High Court in England. As a result of the stay in proceedings, the appeal likely will not be heard before the Tribunal until mid to late 2023.
…
Continue Reading Ticketmaster Appeal of ICO Fine Stayed by UK Tribunal Until 2023
CIPL Submits Comments on Irish DPC’s Guidance on Safeguarding Personal Data of Children
The Centre for Information Policy Leadership at Hunton Andrews Kurth has submitted its comments on the Irish Data Protection Commissioner’s draft guidance on the safeguarding of the personal data of children when providing online services.
Continue Reading CIPL Submits Comments on Irish DPC’s Guidance on Safeguarding Personal Data of Children
UK Government and ICO Agree on Procedure for Future Adequacy Decisions
The Secretary of State for Digital, Culture, Media & Sport has signed a Memorandum of Understanding with the UK Information Commissioner’s Office in relation to new UK adequacy assessments following the UK’s departure from the European Union. The Memorandum of Understanding sets out how DCMS and third countries will negotiate adequacy decisions, referred to under the Memorandum of Understanding as “adequacy regulations”. …
Continue Reading UK Government and ICO Agree on Procedure for Future Adequacy Decisions
ICO Confirms UK Firms May Rely on Public Interest Derogation for SEC Transfers
On January 19, 2021, the UK Information Commissioner’s Office published its analysis of the application of the UK General Data Protection Regulation to transfers from UK-based firms or branches that are registered, required to be registered or otherwise regulated by the U.S. Securities and Exchange Commission. …
Continue Reading ICO Confirms UK Firms May Rely on Public Interest Derogation for SEC Transfers
EU-UK Trade Deal: What It Means For Post-Brexit Data Flows
On December 24, 2020, the European Union and the United Kingdom reached an agreement in principle on the historic EU-UK Trade and Cooperation Agreement. For data protection purposes, there is a further transition period of up to six months to enable the European Commission to complete its adequacy assessment of the UK’s data protection laws. For the time being, personal data can continue to be exported from the EU to the UK without implementing additional safeguards.
Continue Reading EU-UK Trade Deal: What It Means For Post-Brexit Data Flows
Update: ICO Publishes Data Sharing Code of Practice
On December 17, 2020, the UK Information Commissioner’s Office (“ICO”) published its Data Sharing Code of Practice (the “Code”), in accordance with its obligation to do so under the Data Protection Act 2018 (the “DPA”).
Continue Reading Update: ICO Publishes Data Sharing Code of Practice
CIPL Submits Response to UK DCMS’ National Data Strategy Consultation
On December 2, 2020, the Centre for Information Policy Leadership at Hunton Andrews Kurth submitted its response to the UK Department for Digital, Culture, Media and Sport’s UK National Data Strategy consultation. In its response, CIPL highlights several considerations for DCMS when further developing and implementing its NDS.
Continue Reading CIPL Submits Response to UK DCMS’ National Data Strategy Consultation
ICO Fines Ticketmaster 1.25 Million Pounds for Security Failures
On November 13, 2020, the UK Information Commissioner’s Office fined Ticketmaster UK Limited £1.25 million for failing to keep its customers’ personal data secure.
Continue Reading ICO Fines Ticketmaster 1.25 Million Pounds for Security Failures