Data Protection Blog

21 November 2017

An introduction to Data Protection Officers under the GDPR: Should you appoint one?

There is currently no legal requirement for companies to appoint a dedicated officer responsible for data protection; the Information Commissioner’s Office merely encourages this as good practice.  However, this will change when the General Data Protection Regulation (“GDPR”) comes into force in May 2018 and introduces a requirement for certain organisations to appoint a Data Protection Officer (“DPO”).

Kirsty Churm

23 October 2017

The EU-US Privacy Shield – One Year On and Still Going Strong

The EU-US Privacy Shield was established by the EU Commission in August 2016 to replace the previous ‘Safe Harbour’ system, which was ruled unlawful by the European Court of Justice (to read the ECJ’s decision, see here).

6 September 2017

Data Protection – can employers still monitor employees’ communications in light of Barbulescu v Romania?

Can employers still monitor employees’ communications in light of Barbulescu v Romania? Don’t panic, they can. But, the decision in Barbulescu v Romania from the appeal chamber of the European Court of Human Rights (ECtHR) shows that, in future, they must apply their mind in a much more rigorous way to how they go about it.

James Murray

30 August 2017

Block chain: Is the GDPR out of date already?

The General Data Protection Regulation (“GDPR”) amounts to a significant overhaul of existing data protection regulation and is designed to be ‘technology neutral’. However, how the GDPR will cope with emerging block chain technology and a move towards the decentralisation of data storage remains to be seen. 

Tom Cox

26 June 2017

Data Protection – 10 further top tips for responding to subject access requests

Not long ago, we distilled a series of recent cases and produced practical guidance (see here and here) for employers on dealing with subject access requests under the Data Protection Act 1998 (“SARs”). These blogs were intended to complement our earlier blog “Top 10 tips for responding to a subject access request, which was prepared with the Information Commissioner’s (“ICO”) original code of practice in mind. That code of practice has now been re-issued in light of the recent guidance from the courts and can be found on the ICO’s website here. The code itself is lengthy and detailed, but in this blog, we have picked out another top 10 tips from the most useful and practical additions to the revised code.

Kirsty Churm

Skip to content Home About Us Insights Services Contact Accessibility