Blog Post
This is Going to Hurt: Secret Diaries of the ICO (or, a Song of Enforcement and Fining)
In our latest blog post, Amy Lambert explores the enforcement powers of the Information Commissioner's Office ("ICO") under the General Data Protection Regulation ("GDPR") and the Data Protection Act 2018 ("DPA 18"). The ICO's new GDPR-level fining powers have had plenty of publicity, but what other tools does the ICO have at its disposal? We also consider what the ICO will need to consider while operating within the broader European framework; and what impact a hard Brexit would have on businesses operating in the UK and the EU. Plenty to unpack here, so dive on in.
Blog Post
Employee Monitoring - the Article 29 Working Party refreshes its opinion
A new opinion by the Articles 29 Working Party ("WP29") has been published on the monitoring of employees. It seeks to clarify the legal position under the Data Protection Directive (as well as foreshadowing the obligations under the imminent General Data Protection Regulation ("GDPR")) and to reflect new and advanced monitoring techniques and technologies. In this blog we discuss the key themes of the opinion, the suggestions made by the WP29 and how this may affect your business.
Blog Post
Big Data analytics in Europe - the reports of its death are greatly exaggerated
As GDPR is strengthens the rights of individuals in the EUs and becomes more prescriptive about the collection and use of data it doesn't forbid big data. Mark Webber explores the hurdles for businesses and how to handle big data with GDPR.
Blog Post
The GDPR will set the benchmark for global privacy contracting – and here's why.
The GDPR will introduce major changes to the data processing terms on which customers engage service providers. However, the GDPR's requirements will impact not just EU data processing agreements, but will set the standard for data protection agreements throughout the world as service providers compete to offer the most compliant service to their global customers. This blog explains why.
Blog Post
Getting GDPR ready – as easy as 1, 2, 3 (er..4!)
Are you ready for this? Originally 261 pages, the GDPR has over 20,000 more words than Shakespeare's Hamlet and has probably resulted in more primers and updates in your inbox than your IT department's imposed storage limits will tolerate. Headlines like: "Companies who've not started GDPR readiness will not be ready on time" and "GDPR fines up to 4% of worldwide turnover" intended to scare, actually scare you. Getting "GDPR ready" may seem a daunting task – but with careful planning, project management and prioritisation, it is an achievable one.