Data Notes

The Importance of Adequate Consent under the GDPR: HMRC Forced to Delete Five Million Records

Latest twist in the Morrisons Case: Supreme Court grants Morrisons permission to appeal

On 15 April 2019, the Supreme Court granted supermarket chain Morrisons permission to appeal against the Court of Appeal ruling that it was vicariously …

GDPR fine in Poland gives important insight into the requirements of Article 14

Last week the Personal Data Protection Office ("UODO") in Poland issued a €220,000 fine to a digital marketing company for breaching its obligations …

EDPB publishes opinion on the interplay between GDPR and ePrivacy

ICO and FCA announce new Memorandum of Understanding

On 18 February 2019, the Information Commissioner's Office (the "ICO") and the Financial Conduct Authority (the "FCA") published a new Memorandum of …

Disinformation and 'fake news': Data implications of the Select Committee report

The German FCO/Facebook decision: implications for data privacy regulation

The German competition authority, the Federal Cartel Office ("FCO") last week announced the results of its investigation into Facebook for a novel abuse …

Cyberattack on German Public Figures Leads To One of Germany's Largest Data Breaches

Last week, it was announced that during December 2018 almost one thousand German public figures, including journalists and a number of prominent …

Data Protection Predictions 2019

2018 was a landmark year for data protection and privacy; the EU General Data Protection Regulation ("GDPR") came into effect on 25 May 2018 …

General Data Protection Regulation: first enforcement notice shows extra-territorial reach

The UK data protection regulator, the Information Commissioner’s Office (ICO), has issued its first enforcement notice under the EU’s new strict data …

Court of Appeal confirms Morrisons vicariously liable for employee's deliberate actions in first successful UK class action for data breach

The Court of Appeal has today dismissed an appeal against the High Court's decision that Morrisons was vicariously liable for its employee’s …

Morrisons – the first successful class action in the UK for data breach

On 1 December 2017, the High Court handed down its judgment on the UK's first class action arising from a data breach (Various Claimants v Morrisons). …