‘The Information Commissioner’s Office (ICO) will stand down audit work, issue fewer fines and generally use fewer formal powers against organisations that are struggling to meet data protection standards as a result of the COVID-19 pandemic.’
Local Government Lawyer, 22nd May 2020
Source: www.localgovernmentlawyer.co.uk
‘The Supreme Court recently ruled that Morrison Supermarkets was not vicariously liable for a data breach committed maliciously by a former employee who disclosed employee payroll data online (WM Morrison Supermarkets plc v Various Claimants [2020] UKSC 12). The judgment clarified that the test for vicarious liability is whether the acts committed by the employee were ‘so closely connected’ with the acts that they were authorised to carry out by their employer that such acts ‘can fairly and properly be regarded as done’ by the employee acting in the ordinary course of his or her employment.’
Law Society's Gazette, 18th May 2020
Source: www.lawgazette.co.uk
‘A primary school breached the Data Protection Act 1988 and Human Rights Act 1998 and unlawfully misused the personal information of a child with Down’s Syndrome and her mother, the High Court has ruled.’
Local Government Lawyer, 18th May 2020
Source: www.localgovernmentlawyer.co.uk
‘The government must legally swear to delete all the data it captures using the NHS Covid-19 contact-tracing app, a committee of MPs and peers has urged.’
The Guardian, 15th May 2020
Source: www.theguardian.com
‘This was an application by the publisher of the Mail on Sunday and the Mail Online to strike out certain allegations contained in the particulars of claim and further information of the Duchess of Sussex and later the reply in an action that she has brought against the publisher for copyright infringement, misuse of private information and infringement of her rights under the General Data Protection Regulation. The complaint arises from the newspaper’s publication of a letter from the duchess to her father on 10 Feb 2019.’
NIPC Law, 17th May 2020
Source: nipclaw.blogspot.com
‘Following the publication last week by the Joint Committee on Human Rights of its report on the proposed NHS App and the risk of adverse effects on privacy and human rights, the Committee has drafted a Bill – the Digital Contact Tracing (Data Protection Bill) – and sent it to the Health Secretary, Matt Hancock.’
Doughty Street Chambers, 12th May 2020
Source: insights.doughtystreet.co.uk
‘In the rush to lift the lockdown with safeguards, the government has given a green light to “contact tracing” via bluetooth apps on our smartphones (provided we own them and are willling to take up the app).’
UK Human Rights Blog, 15th May 20202
Source: ukhumanrightsblog.com
‘The Human Rights Committee, reviewing NHSX’s current digital contact tracing app architecture, has recommended that the government’s current privacy assurances are not sufficient to protect data privacy and that legislation must be passed to ensure that. This echoes Professor Lilian Edwards’ call for primary legislation to ensure privacy rights are protected. These recommendations are given special significance NHSX’s choice to adopt the controversial and arguably less secure “centralised” model.’
UK Human Rights Blog, 11th May 2020
Source: ukhumanrightsblog.com
‘The NHS contact-tracing app must not be rolled out across the UK until the government has increased privacy and data protections, an influential parliamentary committee has said, as rights groups warn that the current trial is unlawful under the Data Protection Act.’
The Guardian, 7th May 2020
Source: www.theguardian.com
‘Morrisons, the Appellant by the time this case reached the Supreme Court, are, of course, a well-known national chain of supermarkets. The Respondents in this case were approximately 9,000 employees or former employees of Morrisons.’
3PB, May 2020
Source: www.3pb.co.uk
‘During these unprecedented times, working from home on a full-time basis has become the ‘new normal’. This is in stark contrast to before the coronavirus (COVID-19) pandemic began, when out of 32.6 million people in employment, only 1.7 million regularly worked from home. The change to enforced homeworking was swift and represented significant changes to the lifestyle and routines of both employers and employees, which, in turn, creates a number of legal and practical issues for employers. It is currently unknown how long homeworking will last for, or indeed if the outbreak of COVID-19 will cause a shift towards homeworking on a permanent basis.’
Thomas More Chambers, 30th April 2020
Source: www.thomasmore.co.uk
‘The long anticipated judgment in Elgizouli v Secretary of State for the Home Department was handed down by the Supreme Court on the 25th March. The Court held that it was not the common law but rather a failure by the Home Secretary to consider his duties under the Data Protection Act 2018 (DPA) that rendered the decision of the then Home Secretary- Sajid Javid- to hand over evidence to US authorities unlawful. While others have commented on the DPA aspect of this case (see here, here, and here), this post touches on the common law strand. However, rather than interrogating the Court’s decision, here I discuss the under-examined issue of rationality, arguing that the factual matrix of the case warranted a greater examination of the Home Secretary’s decision.’
UK Constitutional Law Association, 6th May 2020
Source: ukconstitutionallaw.org
‘The family of a child with Down’s Syndrome has been awarded compensation after a primary school sent a letter to parents detailing her violent behaviour and disability.’
Daily Telegraph, 4th May 2020
Source: www.telegraph.co.uk
‘Coronavirus presents a serious threat to society, legitimising the collection of public health data under Article 9:2 (g) of GDPR regulations, which allows the processing of such data if “necessary for reasons of substantial public interest”. Some of this collection will take the form of contact tracing apps, which have been used in containing the spread of coronavirus in countries such as Singapore.’
UK Human Rights Blog, 1st May 2020
Source: ukhumanrightsblog.com
‘ Today the Joint Committee on Human Rights will take evidence from the Information Commissioner, academics and the CEO of NHSX on the risks to the right to privacy (Article 8 ECHR) if a contact tracing app is introduced to track and slow the spread of the coronavirus. This is helpful scrutiny of the government’s plans. Yet if the government goes ahead with its proposed contact-tracing application it is essential that the processing of large amounts of personal data by the state, even if done in the public interest, needs a clear legal basis in the form of specific legislation.’
UK Constitutional Law Association, 4th May 2020
Source: ukconstitutionallaw.org
‘The Mail on Sunday has won the first round of a legal battle against the Duchess of Sussex over the publication of a letter she wrote to her father.’
BBC News, 1st May 2020
Source: www.bbc.co.uk
‘The European Court of Human Rights court held in Gaughran v United Kingdom [2020] ECHR 144 that the police’s indefinite retention of DNA profile, fingerprints and photographs of person convicted of a minor offence without a possibility of review constituted an infringement of Article 8 ECHR (respect for private life). This is the latest in a number of cases where the ECtHR has disagreed with a decision of the Supreme Court and represents a further development of the meaning of “private life”.’
UK Police Law Blog, 30th April 2020
Source: ukpolicelawblog.com
‘On 1 April 2020 the Supreme Court handed down judgment in Barclays Bank plc v Various Claimants [2020] UKSC 13 (“Barclays”) and MW Morrison Supermarkets plc v Various Claimants [2020] UKSC 12 (“Morrison”) – the latest in the recent line of cases focussed on the nature, scope and development of the doctrine of vicarious liability.’
4 New Square, 20th April 2020
Source: www.4newsquare.com
‘The Access to Health Records Act 1990 is an oft-overlooked member of the information rights family, but it can have a useful role to play. In the case of Re AB [2020] EWHC 691 (Fam) (Re AB) it was important because the applicant was the personal representative seeking the health records of a deceased sibling; precisely the sort of territory to which data protection law does not apply.’
Panopticon, 23rd April 2020
Source: panopticonblog.com
© Inner Temple Library 2020