On October 2, 2019, the UK Court of Appeal handed down its judgment on the appeal in Richard Lloyd v. Google LLC, in which Richard Lloyd, a consumer protection advocate, seeks to bring a representative action on behalf of four million Apple iPhone users against Google LLC in the United States. Previously, the High Court had refused to grant permission for the proceedings to be served outside the UK. The Court of Appeal reversed the High Court’s judgment, granting permission for service outside the UK and allowing the representative action to proceed. The judgment is significant as it paves the way for representative actions (equivalent to class actions) for data protection infringements in the UK.

Continue Reading UK Court of Appeal Permits Activist to Proceed with Claim for Damages Against Google

On September 4, 2019, the High Court of England and Wales dismissed a challenge against South Wales Police’s use of Automated Facial Recognition technology, determining that the police’s use of AFR had been necessary and proportionate to achieve their statutory obligations.
Continue Reading High Court Dismisses Challenge to Police Use of Facial Recognition Technology

On August 15, 2019, the UK Information Commissioner’s Office updated its guidance on the timescale for responding to data subject access requests under the EU General Data Protection Regulation, following a ruling of the Court of Justice of the European Union . The guidance now states that the time limit should be calculated from the