The International Forum for Responsible Media Blog
Data breaches have become common, and billions of records are stolen worldwide every year. Most of the media coverage of data breaches tends to focus on how the breach happened, how many records were stolen and the financial and legal impact of the incident for organizations and individuals affected by the breach. But what happens to the data that is stolen during these incidents? Continue reading
On 28 and 29 April 2021, the Supreme Court (Lord Reed, Lady Arden, Lords Sales, Leggatt and Burrows) heard the long awaited Google appeal against the Court of Appeal’s 2 October 2019 decision ([2019] EWCA Civ 1599). Continue reading
On Wednesday 28 April and Thursday 29 April 2021, the UK Supreme Court will hear Lloyd v Google LLC, a hotly anticipated appeal which could see the rebirth of the CPR 19.6 representative claim vehicle for opt-out data privacy ‘class actions’. Continue reading
As the restrictions begin to be eased across the UK, the current hot topic is the introduction of ‘Covid vaccine passports’ – certificates showing the status of an individual’s vaccination (and potentially of their latest tests or their immunity status). Continue reading
While Article 30 of the European Union Data Protection Regulation (hereinafter ‘GDPR’) is often talked about for its obligations of keeping records of processing, not much attention is paid to the exemption it provides to small organizations. The provision provides an exemption from record-keeping obligations under GDPR to organizations having an employee strength of less than 250. Continue reading
After years of uncertainty, the EU-UK Trade and Cooperation Agreement finally establishes a basis for future relations. Personal data governance was an important part of the negotiations and the Agreement includes a number of provisions in this area. Continue reading
The decision of Mr Justice Jay in Soriano v Forensic News LLC [2021] EWHC 56 (QB) is interesting in a number of respects but in particular for its analysis of the circumstances in which the GDPR will apply to a publisher (or indeed any data controller/processor) based outside of the EU. Continue reading
The inception of the General Data Protection Regulation (‘GDPR’) in May 2018 has made it easier for individuals within the UK and the EU (and sometimes those based elsewhere) to assert their data protection rights to object to the inclusion of false or outdated information about them in risk/compliance databases. Continue reading
Seven years ago I started to take an annual look at what the coming year might hold for internet law in the UK. This exercise has always, perforce, included EU law. With Brexit now fully upon us future developments in EU law will no longer form part of UK law. Continue reading
Inforrm covered a wide range of data protection and privacy cases in 2020. Following the widely read posts in 2018 and 2019 here is my selection of most notable privacy and data protection cases from 2020: Continue reading
© 2021 Inforrm's Blog
Theme by Anders Norén — Up ↑