On October 30, 2020, the UK Information Commissioner’s Office announced its fine of £18.4 for Marriott International, Inc., for violations of the GDPR, a significant decrease from the proposed fine of £99,200,396 announced in July 2019.
Continue Reading ICO Fines Marriott International £18.4 Million for Security Breach
United Kingdom
ICO Issues Enforcement Notice Against Experian
On October 27, 2020, the UK Information Commissioner’s Office published its enforcement notice against credit reference agency Experian Limited under Section 149 of the Data Protection Act 2018.…
Continue Reading ICO Issues Enforcement Notice Against Experian
ICO Releases Updated Right of Access Guidance
On October 21, 2020, the UK Information Commissioner’s Office released its updated guidance on the data subject right of access under Article 15 of the EU General Data Protection Regulation.…
Continue Reading ICO Releases Updated Right of Access Guidance
Webinar on the Latest Developments on Cookie Guidance Featuring the UK ICO and CNIL
On November 5, 2020, Hunton Andrews Kurth will host a panel discussion with representatives from the UK Information Commissioner’s Office (“ICO”) and the French Data Protection Authority (“CNIL”) to explore the latest developments on cookie guidance and compare their respective approaches. In our webinar titled “From a Regulator’s Perspective: Latest Developments on Cookie Guidance from the ICO and CNIL,” our speakers will discuss practical cookie law issues, including: …
Continue Reading Webinar on the Latest Developments on Cookie Guidance Featuring the UK ICO and CNIL
ICO Fines British Airways £20 Million for Security Breach
On October 16, 2020, the UK Information Commissioner’s Office announced its fine of £20,000,000 for British Airways for violations of the GDPR, which is a significant decrease from the proposed fine of £183,390,000 from July 2019. …
Continue Reading ICO Fines British Airways £20 Million for Security Breach
CJEU Restricts Indiscriminate Access to Electronic Communications for National Security Purposes
On October 6, 2020, the Court of Justice of the European Union handed down Grand Chamber judgments determining that the ePrivacy Directive does not allow for EU Member States to adopt legislation intended to restrict the scope of its confidentiality obligations unless they comply with the general principles of EU law.…
Continue Reading CJEU Restricts Indiscriminate Access to Electronic Communications for National Security Purposes
ICO Launches Consultation on Its Draft Statutory Guidance
On October 1, 2020, the UK Information Commissioner’s Office launched a public consultation on its draft Statutory Guidance, which provides an overview of the ICO’s powers and how it intends to regulate and enforce data protection legislation in the UK, including its approach to calculating fines.…
Continue Reading ICO Launches Consultation on Its Draft Statutory Guidance
ICO Publishes Its Accountability Framework
On September 9, 2020, the UK Information Commissioner’s Office published an Accountability Framework, designed to assist organizations in complying with their accountability obligations under the EU General Data Protection Regulation.…
Continue Reading ICO Publishes Its Accountability Framework
Age Appropriate Design Code Set to Come into Force
The UK Information Commissioner’s Age Appropriate Design Code, which sets out the standards that online services must meet in order to protect children’s privacy, has completed the Parliamentary process and will come into force on September 2, 2020. …
Continue Reading Age Appropriate Design Code Set to Come into Force
UK Court of Appeal Finds Automated Facial Recognition Technology Unlawful in Bridges v South Wales Police
On August 11, 2020, the Court of Appeal of England and Wales overturned the High Court’s dismissal of a challenge to South Wales Police’s use of Automated Facial Recognition technology, finding that its use was unlawful and violated human rights.…
Continue Reading UK Court of Appeal Finds Automated Facial Recognition Technology Unlawful in Bridges v South Wales Police