In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.
CPW’s Shea Leitch and Kyle Dull to Speak at ACC South Florida’s 12th Annual CLE Conference
The second reading of the Data Protection and Digital Information Bill (the Bill) has been delayed following the election of the new Conservative Party leader. The new date is yet to be announced, but in the meantime, it is worth analysing some of the key changes the Bill proposes. While it promises more flexibility and less ambiguity, practically speaking, the Bill may not represent a fundamental divergence from the current regime.
Continue Reading Data Protection and Digital Information Bill Delayed – Aspects to Consider While We Wait
As part of the UK data protection authority’s new three-year strategy (ICO25), launched on 14 July, UK Information Commissioner John Edwards announced an investigation into the use of AI systems in recruitment. The investigation will have a particular focus on the potential for bias and discrimination stemming from the algorithms and training data
In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.
In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.
Connecticut General Assembly Passes Comprehensive Privacy Bill
The UK’s Competition and Markets Authority (“CMA”), Information Commissioner’s Office (“ICO”) and Google have agreed legally binding commitments from Google on the development of its Privacy Sandbox proposals.
These proposals relate to the removal of third-party cookies – to be phased out by 2023 – in the Chrome browser and Chromium browser engine, which will
We are one (penultimate) step closer to the final adoption of new Standard Contractual Clauses (“SCCs”) by the European Commission.
The final version of a long overdue update to the 2004 (in case of controller-to-controller)/2010 (in case of controller-to-processor) model clauses which companies use to safeguard personal data transfers to controllers/processors outside the EEA under Article 46.2(c) of the GDPR, has cleared one of its final hurdles.
Today, the Article 93 Committee, consisting of the representatives of EU governments, unanimously approved new draft SCCs proposed by the Commission. The Committee is named after Article 93 of the GDPR, referencing the examination procedure, which the draft SCCs of the European Commission (including the one on the new SCCs) had to go through on its way to final adoption.
Continue Reading New Standard Contractual Clauses for Transfer of Personal Data outside the EEA – Getting Warmer by the Day
As businesses in the hospitality and leisure industries are permitted to re-open in England, the Government is asking them to keep a temporary record of their customers and visitors, in order to support NHS Test and Trace. This information will be requested by NHS Test and Trace in the event that someone who has tested positive for COVID-19 lists the business’s premises as a place that they visited recently, or because the premises has been identified as the location of a potential outbreak. This is viewed by the UK Government as a key part of their ongoing response to the virus, as the lockdown is lifted.
Continue Reading The UK Government and the Information Commissioner Provide Guidance on the Collection of Contact-Tracing Information by Hospitality & Leisure Businesses
The ICO has created an information hub for organisations and individuals with guidance on how to tackle data protection issues in their response to COVID-19. The ICO’s main message is that the data protection law will not stop organisations in responding to the crisis.
The hub contains several sections dedicated to organisations, individuals concerned about their personal data, community groups assisting the vulnerable, and healthcare professionals.
In a section dedicated to data controllers, the ICO has published responses to FAQs reflecting the questions its helpline has received in the past few weeks, including guidance on the following:
Continue Reading ICO’s Data Protection and Coronavirus Information Hub
Virgin Media is reportedly one of the latest UK companies to suffer a data security breach. On 5 March 2020, it published a statement on its website explaining that one of its databases had been accessed without Virgin Media’s authorisation, due to a configuration issue. It is reported that the database had been left unsecured since April 2019 and that it contained information about (approximately) 900,000 existing and potential customers. Virgin Media states that the compromised information was mostly limited to contact and product data and importantly, did not contain financial information or passwords.
The statement sets out a number of frequently asked questions, with easy to understand responses. The ICO and affected data subjects have been notified and the statement provides customers with information about possible scams and phishing attacks aimed at helping them to better protect themselves and be aware of the risks in a heightened risk environment, in light of the incident.
Continue Reading Virgin Media suffers Data Security Breach