Blog
What is your duty to co-operate with your regulator?
Zoe Beels
23 October 2015
Safe Harbor tsunami: a data transfer blockade
Do you worry about the extent to which corporations protect your personal data? An Austrian law student (Max Schrems) acted on such concerns and, as result, toppled a 15 year old international legal agreement between the EU and the US which facilitated the flow of huge quantities of data across the Atlantic. On 6 October 2015, the Court of Justice of the European Union (in Maximilian Schrems v Data Protection Commissioner) invalidated the EU-US Safe Harbor agreement with immediate effect, sending shockwaves through the digital world.
21 August 2015
Google Spain redux – removing search engine links to stories about removing search engine links
Following the Court of Justice of the European Union decision in the now notorious “Google Spain” case, Google, and other search engine operators, have set up processes to deal with request by individuals to have URL links removed from search results against the individual’s name. Individuals are entitled to have URL links removed where, in summary, the link has an unwarranted and negative impact on an individual’s privacy – and this is judged by reference to information contained on the website which the link leads to.
20 August 2015
Effective data security: The time to act is now
The recent hacking of the customer details of 2.4 million customers of Carphone Warehouse provides a stark remainder of the risks of data breaches and the importance of effective data security.
13 August 2015
Information law update: Subject access requests and the dilemma for data controllers
The ability of an individual to require a data controller to provide full details of any personal data held about her is one of the central features of the Data Protection Act 19998 (DPA) – it is regarded by the Information Commissioner as a “fundamental right”.
The DPA sets out a number of exemptions to the right of access and the conventional view has been that, unless one of the exemptions is engaged, the data controller simply has to comply with any subject access request
4 August 2015
Website hacking: Ashley Madison users left wondering who they can trust
Online businesses using third party services could potentially face claims in multiple jurisdictions if a personal data breach occurs. The recent attack on the Ashley Madison website has highlighted yet again the importance of ensuring that robust systems are in place to protect customer information.
