GP surgery administrator fined for illegally accessing patient records – Local Government Lawyer

Posted May 17th, 2017 in data protection, fines, guilty pleas, medical records, news by sally

‘A former NHS administrator has been ordered to pay nearly £800 in fines and costs after pleading guilty to unlawfully accessing patient records.’

Full story

Local Government Lawyer, 17th May 2017

Source: www.localgovernmentlawyer.co.uk

Self-reporting of data breaches in the UK on the rise, where risk of fine is below 1% – OUT-LAW.com

Posted May 16th, 2017 in data protection, fines, health, news, telecommunications by sally

‘Organisations face being fined in less than 1% of data breach cases self-reported to the UK’s data protection watchdog, according to new figures.’

Full story

OUT-LAW.com, 15th May 2017

Source: www.out-law.com

Short Cuts – London Review of Books

‘After Brexit, the public face of criminal justice will look much the same as it does now. The UK has resisted many of the European Union’s moves towards harmonisation of substantive criminal law and procedure, and it is unlikely to use its new-found freedom from the restraints of EU law to decriminalise things like child pornography, cybercrime and people trafficking. The EU’s greatest impact on criminal justice has been through the multiple agreements and instruments that facilitate the detection, investigation and prosecution of such crimes as terrorism, people trafficking, child pornography, drug-smuggling, cybercrime and fraud across the EU. The best known of these is the European Arrest Warrant (EAW), implemented in 2004.’

Full story

London Review of Books, 18th May 2017

Source: www.lrb.co.uk

General Data Protection Regulation (GPDR) Series, Part 1 – introduction and overview – Technology Law Update

Posted May 10th, 2017 in data protection, EC law, news, regulations by sally

‘The General Data Protection Regulation (GPDR) (EU) 2016/679 of 27 April 2016 which comes into force in May 2018, will introduce major changes to the law on the processing of personal data in the European Union. Over the next ten months, several European Union and United States law firms we work very closely with will join us in providing you with more information on the GDPR. Different themes will be tackled month by month to help you prepare for the GDPR deadline.’

Full story

Technology Law Update, 8th May 2017

Source: www.technology-law-blog.co.uk

Implementing the GDPR in the UK: lessons from Germany? – Panopticon

Posted May 10th, 2017 in data protection, EC law, foreign jurisdictions, news, regulations by sally

‘As we all know, the GDPR is all about the harmonisation of data protection across Europe – hence its form as a regulation (directly effective) rather than a directive (domestic implementing legislation needed). Yes, but: the GDPR leaves an awful lot to member states to implement. For example: exemptions to data subjects’ rights, mechanisms for reconciling data protection and freedom of expression, and the machinery of enforcement by supervisory authorities. Until we have domestic implementing legislation, we can’t fully understand how data protection will work after 25 May 2018.’

Full story

Panopticon, 9th May 2017

Source: www.panopticonblog.com

Police force fined £150k after unencrypted DVDs lost in the post – Law Society’s Gazette

Posted May 5th, 2017 in data protection, encryption, fines, news, police, victims, video recordings by tracey

‘Greater Manchester Police has been fined £150,000 after three unencrypted DVDs containing footage of interviews with victims of violent or sexual crimes were lost in the post.’

Full story

Law Society’s Gazette, 4th May 2017

Source: www.lawgazette.co.uk

Henry Pearce: Some Thoughts on the Encryption Regulatory Debate – UK Constitutional Law Association

‘Debates about the regulation of encryption technologies and surveillance have been around for decades. It is in unfortunate circumstances that these debates have now been thrust back into the public eye. Following the horrifying Westminster attack which occurred on 22nd March 2017 Amber Rudd, the UK’s Home Secretary, has been very vocal in suggesting that in order for the police and security services to be able to effectively investigate and prevent future terrorist acts they must be given access to over-the-top messaging services that utilise end-to-end encryption, such as WhatsApp. (End-to-end encryption services can generally be described as those which allows for conversations to be read only by the sender and recipient of individual messages, meaning that such messages cannot be intercepted and read by a third party.) Her comments appeared to have been driven by the fact that Khalid Masood, the perpetrator of the attack, had used WhatsApp shortly before commencing his appalling actions. In particular, Rudd has claimed it is “unacceptable” that governmental agencies were unable to read messages protected by WhatsApp’s end-to-end encryption, and in an interview given to the BBC on Sunday 26th March, intimated that she would consider pursuing the enactment of new legislation which would require the providers of encrypted messaging services to grant access to the UK intelligence agencies. This sentiment has since broadly been endorsed by the UK government.’

Full story

UK Constitutional Law Association, 25th April 2017

Source: www.ukconstitutionallaw.org

Watchdog queries scope of rules on ‘profiling’ under the GDPR – OUT-LAW.com

Posted April 12th, 2017 in data protection, EC law, news by sally

‘It is not clear how broad in scope new rules on “profiling” under the General Data Protection Regulation (GDPR) are, the UK’s data protection watchdog has said.’

Full story

OUT-LAW.com, 11th April 2017

Source: www.out-law.com

UK charities fined for data law breaches – BBC News

‘Eleven charities have been fined by the UK’s data watchdog for misusing information about millions of past donors to seek further funds.’

Full story

BBC News, 5th April 2017

Source: www.bbc.co.uk

Flybe fined for sending 3.3 million unwanted emails – BBC News

Posted March 30th, 2017 in advertising, airlines, consent, data protection, electronic mail, fines, news by tracey

‘The airline Flybe has been fined £70,000 for sending more than 3.3 million marketing emails to people who had opted out of receiving them.’

Full story

BBC News, 29th March 2017

Source: www.bbc.co.uk

Brexit, Article 50 and what it means for innovative businesses – Technology Law Update

Posted March 29th, 2017 in data protection, EC law, news, patents, referendums, treaties by sally

‘The shock of last June’s referendum result, with the UK electorate opting to leave the European Union, is starting to fade. Now the hard graft begins. Tomorrow British Prime Minister Theresa May will trigger Article 50, starting the two year process of negotiations that will end with a deal, an untidy departure or (maybe) an agreement to keep talking. Since the first analysis of what Brexit will mean for businesses we have learned more about what the UK intends to keep and discard. How are things looking now?’

Full story

Technology Law Update, 28th March 2017

Source: www.technology-law-blog.co.uk

Snooping by police to be monitored by independent authority – The Guardian

‘A new independent surveillance procedure to prevent police officers granting themselves permission to access personal emails and records of web-browsing history is being established by the government.’

Full story

The Guardian, 28th March 2017

Source: www.guardian.co.uk

£2 damages winner faces costs bill for nine-day hearing – Law Society’s Gazette

Posted March 15th, 2017 in costs, damages, data protection, misuse of private information, news by tracey

‘A claimant who secured £2 in nominal damages has been told they face a substantial costs bill for turning down an earlier offer to settle.’

Full story

Law Society’s Gazette, 14th March 2017

Source: www.lawgazette.co.uk

NHS data loss scandal has prompted five inquiries, ministers say – The Guardian

Posted March 14th, 2017 in data protection, disclosure, documents, health, inquiries, news by tracey

‘The NHS’s loss of more than half a million pieces of confidential medical correspondence is so serious that it has triggered five separate investigations, ministers have admitted.’

Full story

The Guardian, 13th March 2017

Source: www.guardian.co.uk

Future-proof growth for the digital economy – Technology Law Update

Posted March 9th, 2017 in data protection, EC law, education, employment, news, regulations, reports by sally

‘Last year, the digital economy accounted for 14.5% of all UK service exports, at around £30bn. The UK remains a leader in digital innovation, and maintaining that status is a Government priority. Coadec, the Coalition for a Digital Economy, has released a detailed report suggesting four areas that for improvement to keep pace in the global race: skills, talent, investment and trade.’

Full story

Technology Law Update, 7th March 2017

Source: www.technology-law-blog.co.uk

Recent ruling a reminder that journalistic defence can defeat data protection breach claims, says expert – OUT-LAW.com

‘ A ruling by the High Court in London last month highlights the special rules that publishers can rely on under UK data protection law to defeat claims that they have processed personal data unlawfully.’

Full story

OUT-LAW.com, 8th March 2017

Source: www.out-law.com

Yet another subject access judgment… – Panopticon

Posted March 8th, 2017 in appeals, costs, data protection, disclosure, documents, judgments, news, reasons, universities by tracey

‘So, as the saying goes, you wait months for a subject access judgment, and then three come along at once.’

Full story

Panopticon, 6th march 2017

Source: www.panopticonblog.com

New guidance on incident reporting under EU cybersecurity laws issued for digital service providers – OUT-LAW.com

Posted March 6th, 2017 in confidentiality, data protection, EC law, internet, news, notification by sally

‘Digital service providers (DSPs) will not be obliged to report certain data breaches they experience under new EU cybersecurity laws, according to new guidance issued by the EU’s main cybersecurity body.’

Full story

OUT-LAW.com, 3rd March 2017

Source: www.out-law.com

Section 32 DPA: Resistance not Futile – Panopticon

‘We have banged the drum on Panopticon to almost Phil Collins-like levels on theme of the growing utility of the Data Protection Act to media lawyers, but it would be foolish to pretend it can always produce an answer from nowhere in a traditional journalism context. The judgment in ZXC v Bloomberg LP [2017] EWHC 328 (QB) reminds us of that.’

Full story

Panopticon, 6th March 2017

Source: www.panopticonblog.com

ICO assessing political use of public’s private data – BBC News

Posted March 6th, 2017 in data protection, EC law, elections, news, referendums by sally

‘The information watchdog is scrutinising the use of the public’s private data for political purposes following concerns over an analytics firm linked to the Leave.EU campaign.’

Full story

BBC News, 5th March 2017

Source: www.bbc.co.uk