The Media and Communications List has become a Specialist List, with the significant implementation of Civil Procedure Rule 53 along with a new Practice Direction and Pre-Action Protocol.

INFORRM had a Practice Note on these key procedural changes. From 1 October 2019 all data protection claims must now be issued in the Media Communications List of the High Court. The Panopticon Blog has coverage as has INFORRM from Iain Wilson and Elisabeth Mason.

Marriot Hotels fine under the GDPR has drawn attention from the Mishcon de Reya Data Matters Blog.

Apple has released a press release on improving Siri’s privacy protections. The Privacy Perspective blog has a post dealing with the privacy concerns surrounding the use of voice recognition software in a privacy perspective post.

The Privacy Lawyer has an insightful analysis of privacy law class actions and their lack of success in the courts, highlighting that this seems to be due to a lack of compensable damages.

A post from the Privacy Perspective considers the privacy implications of the police using facial recognition software. Brigit Schippers has also written a post on facial recognition outling ten reasons why to be worried about the technology.  The Administrative Court will give judgment in the facial recognition case of The Queen (on the application of Bridges) v Chief Constable of South Wales Police on 4 September 2019.

Internet and Social Media

PwC and Data Protection Report have considered latest CJEU rulings on the operation of third party plugins, software tools which render website operates as joint data controllers. PwC has also highlighted the conundrum with collecting personal data- its value and high compliance demands.

With reposting content being a commonplace mechanism in social media the Social Media Law Bulletin has considered the legal implications of doing so.

Zac Rogers has tackled the matter of regulating Facebook, Google and Amazon in an INFORRM post.

Data Privacy and Data Protection

DLA Piper has covered the changes imposed by the e-Privacy Regulation, primarily to electronic communications and digital marketing, in a recent post.

Major players in internet data commoditisation such as Google and Alibaba have partnered to form the Confidential Computing Consortium, the Mobile Marketing Magazine Reports.

The LSE Media Policy Project has reviewed the matter fair treatment of children’s personal data in a recent blog post.

The Privacy Perspective has covered the use and processing of voice command data by Amazon Alexa. and has also analysed the privacy implications of the police using facial recognition software.

Lexology has posted a data protection update for August 2019. The data protection report has a similar update on the CCPA.

Euronews has an interesting article on the accountability of Interpol to EU data protection laws.


The ICO has changed guidance on time limits in Subject Access Requests, Mischon de Reya’s Data Matters Blog comments.

Increasing concerns over Facebook launching its cryptocurrency Libra have culminated with the ICO joining international signatories in raising data protection concerns. The Data Protection Report has coverage.

The ICO has launched a consultation on the draft framework code of practice for the use of personal data in political campaigning.

The ICO has blogged on data minimisation and privacy-preserving techniques in AI systems.


Mass PrivateI has covered the surveillance regimes in China and America.

Newspapers, Journalism and Regulation

The Information Law and Policy Centre has analysed whether lifelong anonymity orders are still fit for purpose in the social media era.

In a recent post the Transparency Project Blog has highlighted sensationalist and misleading headlines arising from family law court cases in “an example of why headlines matter”.


In an INFORRM post Brian Cathcart has criticised IPSO for its recent handling of complaints and systematic regulatory non-compliance.

IPSO has posted on its approach to regulating user generated content.

IPSO has post a guest blog examining whether the reporting of major incidents has an impact on journalists.

IPSO has a guest blog on reporting on Sikhism.


IPSO has issued six rulings:


In the case of Rush v Nationwide News Pty (No.9) [2019] FCA 1383 Wigney J dismissed an application by Geoffrey Rush for a permanent injunction to restrain the Daily Telegraph from republishing defamatory imputations.  The Judge held that Mr Rush had failed to demonstrate a real or appreciable risk that the defamatory imputations would be repeated.

In the case of Bellino v Queensland Newspapers Pty Ltd [2019] FCA 1380 Flick J dismissed a libel action. He held that the words complained of bore the imputations that the applicant was “a prominent owner of a brothel”; “the prominent owner of an illegal casino”; and “a criminal” but that these imputations were substantially true.

In an INFORRM post Anthony Forsyth has considered the Isreal Folau termination case and its potential impact on free speech.

With Austrlia’s consumer protection regulator recommending major changes to consumer protection and privacy laws Katharine Kemp considers how to safeguard consumer privacy in an INFORRM post.

Mark Pearson has analysed new metadata laws which purport to put confidential interviews at risk.

The Press Gazette has noted that the police force in Australia has been issued with guidance to consider the importance of maintaining free press when investigating leaks.


Canadian Advertising and Marketing Law has covered the federal anti-spam legislation, highlighting common compliance errors.

Michael Geist has highlighted the increasing debate around the imposition of a “Netflix Tax” in the 2019 Elections.


The Greek Parliament has passed a Bill incorporating the GDPR into national law.

The Greek data protection authority has issued its first fine to PriceWaterhouse Coopers, Lexology reports.


Hungary Today has noted the demands of the NAIH data protection authority, which has asked Facebook to guarantee safeguards to user privacy in respect of users’ third party voice calls.


The Asian Age has an interesting article covering the approval process and legislative changes engendered by the Data Protection Bill.


The Irish Data Protection Commission has criticised the implementation of a Public Services Card in a recent report, the Global Government Forum reports.

The Netherlands

The Dutch Data Protection Authority has cited Microsoft Windows as potentially breaching privacy rules.

United States

Stanford’s Cyberlaw Blog has considered how the FTC can help safeguard privacy rights with legislative mandates from Congress.

Research and Resources

Internet and Social Media


Data Protection and Data Privacy


This Round Up was compiled by Suneet Sharma, a junior legal professional with a particular interest and experience in media law.