Data watchdog relaxes regulatory function to prioritise guidance on complying with law during coronavirus public health emergency – Local Government Lawyer

‘The Information Commissioner’s Office (ICO) will stand down audit work, issue fewer fines and generally use fewer formal powers against organisations that are struggling to meet data protection standards as a result of the COVID-19 pandemic.’

Full Story

Local Government Lawyer, 22nd May 2020

Source: www.localgovernmentlawyer.co.uk

What Morrisons means for employer liability – Law Society’s Gazette

Posted May 21st, 2020 in causation, data protection, news, Supreme Court, vicarious liability by sally

‘The Supreme Court recently ruled that Morrison Supermarkets was not vicariously liable for a data breach committed maliciously by a former employee who disclosed employee payroll data online (WM Morrison Supermarkets plc v Various Claimants [2020] UKSC 12). The judgment clarified that the test for vicarious liability is whether the acts committed by the employee were ‘so closely connected’ with the acts that they were authorised to carry out by their employer that such acts ‘can fairly and properly be regarded as done’ by the employee acting in the ordinary course of his or her employment.’

Full Story

Law Society's Gazette, 18th May 2020

Source: www.lawgazette.co.uk

School breached data protection and human rights, unlawfully misused personal information of Down’s Syndrome pupil and mother: High Court – Local Government Lawyer

Posted May 21st, 2020 in data protection, disabled persons, human rights, news, school children by sally

‘A primary school breached the Data Protection Act 1988 and Human Rights Act 1998 and unlawfully misused the personal information of a child with Down’s Syndrome and her mother, the High Court has ruled.’

Full Story

Local Government Lawyer, 18th May 2020

Source: www.localgovernmentlawyer.co.uk

MPs and peers call for legal requirement to delete UK contact-tracing data – The Guardian

Posted May 21st, 2020 in bills, coronavirus, data protection, internet, news, select committees by sally

‘The government must legally swear to delete all the data it captures using the NHS Covid-19 contact-tracing app, a committee of MPs and peers has urged.’

Full Story

The Guardian, 15th May 2020

Source: www.theguardian.com

Practice – Mail’s Strikeout Application – NIPC Law

Posted May 18th, 2020 in chambers articles, copyright, damages, data protection, media, news, privacy by sally

‘This was an application by the publisher of the Mail on Sunday and the Mail Online to strike out certain allegations contained in the particulars of claim and further information of the Duchess of Sussex and later the reply in an action that she has brought against the publisher for copyright infringement, misuse of private information and infringement of her rights under the General Data Protection Regulation. The complaint arises from the newspaper’s publication of a letter from the duchess to her father on 10 Feb 2019.’

Full Story

NIPC Law, 17th May 2020

Source: nipclaw.blogspot.com

An Act for the App? Is the NHS contact app bad for your privacy? – Doughty Street Chambers

‘Following the publication last week by the Joint Committee on Human Rights of its report on the proposed NHS App and the risk of adverse effects on privacy and human rights, the Committee has drafted a Bill – the Digital Contact Tracing (Data Protection Bill) – and sent it to the Health Secretary, Matt Hancock.’

Full Story

Doughty Street Chambers, 12th May 2020

Source: insights.doughtystreet.co.uk

Contact tracing – breach of data protection? – UK Human Rights Blog

‘In the rush to lift the lockdown with safeguards, the government has given a green light to “contact tracing” via bluetooth apps on our smartphones (provided we own them and are willling to take up the app).’

Full Story

UK Human Rights Blog, 15th May 20202

Source: ukhumanrightsblog.com

Digital Contact Tracing Updates from the Human Rights Committee – UK Human Rights Blog

‘The Human Rights Committee, reviewing NHSX’s current digital contact tracing app architecture, has recommended that the government’s current privacy assurances are not sufficient to protect data privacy and that legislation must be passed to ensure that. This echoes Professor Lilian Edwards’ call for primary legislation to ensure privacy rights are protected. These recommendations are given special significance NHSX’s choice to adopt the controversial and arguably less secure “centralised” model.’

Full Story

UK Human Rights Blog, 11th May 2020

Source: ukhumanrightsblog.com

Scott v LGBT Foundation Ltd: When Dealing with Personal Information Falls Outside the Data Protection Regime – The 36 Group

‘In Scott v LGBT Foundation Ltd [2020] EWHC 483 (QB) the High Court held that “a verbal disclosure does not constitute the processing of personal data” under the Data Protection Act 1998 (“DPA 1998”).’

Full Story

The 36 Group, 5th May 2020

Source: 36group.co.uk

UK contact-tracing app could fall foul of privacy law, government told – The Guardian

‘The NHS contact-tracing app must not be rolled out across the UK until the government has increased privacy and data protections, an influential parliamentary committee has said, as rights groups warn that the current trial is unlawful under the Data Protection Act.’

Full Story

The Guardian, 7th May 2020

Source: www.theguardian.com

No vicarious liability for a ‘personal vendetta’: WM Morrisons Supermarkets plc (Appellant) v Various Claimants (Respondents) – [2020] UKSC 12 – 3PB

‘Morrisons, the Appellant by the time this case reached the Supreme Court, are, of course, a well-known national chain of supermarkets. The Respondents in this case were approximately 9,000 employees or former employees of Morrisons.’

Full Story

3PB, May 2020

Source: www.3pb.co.uk

Working from Home during COVID-19 – Thomas More Chambers

‘During these unprecedented times, working from home on a full-time basis has become the ‘new normal’. This is in stark contrast to before the coronavirus (COVID-19) pandemic began, when out of 32.6 million people in employment, only 1.7 million regularly worked from home. The change to enforced homeworking was swift and represented significant changes to the lifestyle and routines of both employers and employees, which, in turn, creates a number of legal and practical issues for employers. It is currently unknown how long homeworking will last for, or indeed if the outbreak of COVID-19 will cause a shift towards homeworking on a permanent basis.’

Full Story

Thomas More Chambers, 30th April 2020

Source: www.thomasmore.co.uk

Sean Molloy: Elgizouli v Secretary of State for the Home Department: The Missing Rationality Challenge – UK Constitutional Law Association

‘The long anticipated judgment in Elgizouli v Secretary of State for the Home Department was handed down by the Supreme Court on the 25th March. The Court held that it was not the common law but rather a failure by the Home Secretary to consider his duties under the Data Protection Act 2018 (DPA) that rendered the decision of the then Home Secretary- Sajid Javid- to hand over evidence to US authorities unlawful. While others have commented on the DPA aspect of this case (see here, here, and here), this post touches on the common law strand. However, rather than interrogating the Court’s decision, here I discuss the under-examined issue of rationality, arguing that the factual matrix of the case warranted a greater examination of the Home Secretary’s decision.’

Full Story

UK Constitutional Law Association, 6th May 2020

Source: ukconstitutionallaw.org

Down’s Syndrome student wins compensation after school sent letter to parents detailing violent behaviour – Daily Telegraph

‘The family of a child with Down’s Syndrome has been awarded compensation after a primary school sent a letter to parents detailing her violent behaviour and disability.’

Full Story

Daily Telegraph, 4th May 2020

Source: www.telegraph.co.uk

What are the data privacy considerations of Contact Tracing Apps? – UK Human Rights Blog

‘Coronavirus presents a serious threat to society, legitimising the collection of public health data under Article 9:2 (g) of GDPR regulations, which allows the processing of such data if “necessary for reasons of substantial public interest”. Some of this collection will take the form of contact tracing apps, which have been used in containing the spread of coronavirus in countries such as Singapore.’

Full Story

UK Human Rights Blog, 1st May 2020

Source: ukhumanrightsblog.com

Nyasha Weinberg: Parliament must legislate on the government’s plans for contact tracing apps – UK Constitutional Law Association

‘ Today the Joint Committee on Human Rights will take evidence from the Information Commissioner, academics and the CEO of NHSX on the risks to the right to privacy (Article 8 ECHR) if a contact tracing app is introduced to track and slow the spread of the coronavirus. This is helpful scrutiny of the government’s plans. Yet if the government goes ahead with its proposed contact-tracing application it is essential that the processing of large amounts of personal data by the state, even if done in the public interest, needs a clear legal basis in the form of specific legislation.’

Full Story

UK Constitutional Law Association, 4th May 2020

Source: ukconstitutionallaw.org

Duchess of Sussex: Mail on Sunday wins first round in Meghan privacy case – BBC News

‘The Mail on Sunday has won the first round of a legal battle against the Duchess of Sussex over the publication of a letter she wrote to her father.’

Full Story

BBC News, 1st May 2020

Source: www.bbc.co.uk

Indefinite retention of DNA profile, fingerprints and photographs of a convicted motorist contrary to article 8 – UK Police Law Blog

‘The European Court of Human Rights court held in Gaughran v United Kingdom [2020] ECHR 144 that the police’s indefinite retention of DNA profile, fingerprints and photographs of person convicted of a minor offence without a possibility of review constituted an infringement of Article 8 ECHR (respect for private life). This is the latest in a number of cases where the ECtHR has disagreed with a decision of the Supreme Court and represents a further development of the meaning of “private life”.’

Full Story

UK Police Law Blog, 30th April 2020

Source: ukpolicelawblog.com

Vicarious Liability: whose liability is it anyway? – 4 New Square

‘On 1 April 2020 the Supreme Court handed down judgment in Barclays Bank plc v Various Claimants [2020] UKSC 13 (“Barclays”) and MW Morrison Supermarkets plc v Various Claimants [2020] UKSC 12 (“Morrison”) – the latest in the recent line of cases focussed on the nature, scope and development of the doctrine of vicarious liability.’

Full Story

4 New Square, 20th April 2020

Source: www.4newsquare.com

Health Records and the Deceased – Panopticon

Posted April 23rd, 2020 in bereavement, confidentiality, data protection, families, medical records, news by sally

‘The Access to Health Records Act 1990 is an oft-overlooked member of the information rights family, but it can have a useful role to play. In the case of Re AB [2020] EWHC 691 (Fam) (Re AB) it was important because the applicant was the personal representative seeking the health records of a deceased sibling; precisely the sort of territory to which data protection law does not apply.’

Full Story

Panopticon, 23rd April 2020

Source: panopticonblog.com