‘No-deal’ Brexit and Data Protection – Appointing a Representative
If you process data of EU individuals in the UK or outside the EU after a ‘no-deal’ Brexit, you may need to appoint a representative to ensure you are compliant with GDPR
23 September 2019
14.5 million euro fine issued for improper data retention
A German real estate company has received a multimillion euro fine for retaining personal data. We look at the facts and provide some practical guidance for your data retention practices
05 December 2019
Taking back control - EU institutions challenge use of IT service providers' standard terms
Could the European Data Protection Supervisor’s investigation into Microsoft contracts be the beginning of the end for IT service providers’ standard terms?
11 November 2019
Judgment handed down in landmark Morrisons data breach appeal
The Supreme Court has allowed Morrisons’ appeal, finding that the supermarket was not vicariously liable for data breaches caused by a disgruntled employee
02 April 2020
Stop scrolling: EDPB adopts guidelines on targeting of social media users
In April 2021, the European Data Protection Board ('EDPB') adopted final guidelines on the targeting of social media users (the 'Guidelines')
21 May 2021
Data Protection and Cyber Security: A Survey of Recent Developments and of What May Lie Ahead
In this article, our BCRI team reviews recent developments within the data protection and cyber security landscape, whilst also considering what may lie ahead
04 June 2021
ICO releases draft guidance on how it will calculate financial penalties
The ICO has published draft guidance on its proposed regulatory approach when enforcing data protection law in the UK
23 October 2020
EDPB update on international data transfers following the Schrems II judgment
The European Data Protection Board has published guidance on the implications of the Schrems II judgment, and its relevance for international data transfers
04 August 2020
CJEU ruling on Privacy International case; could it frustrate UK’s GDPR Adequacy Decision?
Data transfers to the UK could be affected by a recent ruling on state surveillance measures and the EDPB’s recently updated European Essential Guarantees following Schrems II
09 December 2020
UK-US data sharing poses risk to UK’s GDPR adequacy decision application
With the Brexit transition period fast approaching, obstacles to the UK’s adequacy decision application remain
27 July 2020
Outsourcing? Don’t forget about operational resilience
We outline what the FCA’s new operational resilience rules mean for regulated financial services firms’ outsourcing and third party risk management
21 July 2021
ICO issues Q&A on the UK's data protection landscape after the Brexit transition period
Ahead of the end of the Brexit transition period, the ICO has issued a guidance note on the key impacts of the expiry of the transition period
14 August 2020