There are many uncertainties ahead and it will be some time before we start to have an appreciation of how precisely Brexit will impact on domestic laws relating to data protection. However, in the meantime, as the ICO has helpfully Continue reading Brexit & DP: Keep calm and carry on?
On 26 May 2016 the ICO issued “Guidance: what to expect and when” which sets out its priorities for preparing for the GDPR. There will be three ‘phases’: ICO guidance European level guidance (in the form of Article 29 Working Party guidelines) Continue reading GDPR: ICO issues more guidance
On 25 May 2016 it emerged that the Irish Data Protection Commissioner (‘Irish DPC’) is planning to refer a case to the Court of Justice of the European Union (‘CJEU’) to determine whether Facebook can use standard contractual clauses, (aka Continue reading CJEU to decide if Model Clauses valid
Under the DPA, personal data cannot be processed unless at least one of the ‘conditions’ set out in Schedules 2 and 3 is met. One of these is that the individual whom the personal data is about has consented to Continue reading The meaning of consent
DETAILS RELEASED On 29 February 2016, the US Department of Commerce and the European Commission released details of the new Privacy Shield, intended to replace Safe Harbor. According to the documentation released, Privacy Shield includes an expanded set of privacy Continue reading Arise Privacy Shield!
In February 2016, the European Commission and the United States agreed on a new framework to permit transatlantic transfers of personal data and replace ‘Safe Harbor’. It’s called ‘Privacy Shield’. Privacy Shield aims to comply with the requirements the European Court Continue reading Privacy Shield replaces Safe Harbor (or does it?)
On 18 December 2015 President Obama signed into law the Cybersecurity Act. In essence, this law is about the sharing of information between private organisations and government agencies to prevent cyber attacks. President Obama has said that there was “only Continue reading Cybersecurity Act v Safe Harbor II
Technology firms such as Google, Amazon, eBay and Cisco, (but not social networks like Facebook) and those running critical services, such as transport, energy, health and finance will have to report cyber-breaches, under new rules proposed by MEPs. The rules Continue reading EU proposes new cybersecurity law
It seems that negotiators are still looking to reach a final draft of the EU’s General Data Protection Regulation by Christmas, although exactly what that final draft will say remains a matter of some speculation. However, rumour has it that it Continue reading New EU law: Will it all be over by Christmas?
On Friday 16 October, Europe’s data protection regulators issued a statement effectively enabling ongoing transfers of personal information from the EU to the US, at least for a few months. The statement calls for a robust, collective and common position Continue reading A (temporary) solution to Safe Harbor