Data Protection Blog

4 April 2018

The Data Protection Bill - New Criminal Offences for Data Protection Breaches On Their Way to the Statute Book

The Data Protection Bill (“the Bill”) was described in the Queen’s speech of June 2017 as a new law to ensure ‘that the United Kingdom retains its world-class regime protecting personal data’. It supplements and bolsters the General Data Protection Regulation (“GDPR”), the directly effective EU regulation on Data Protection coming into force in May. 

Ed Smyth

5 March 2018

Subject Access Requests under the GDPR: What employers need to know

Employers need to be aware of the enhanced rights employees will have to request and access data under the General Data Protection Regulation (‘GDPR’).

Maeve Keenan

5 March 2018

Data protection: A new board room priority

Emily Carter considers the impact and implications of new data protection regime for company directors.  

Emily Carter

20 February 2018

GDPR & Brexit: Data transfers from the EU and the UK’s new status as a “third country”

The GDPR is coming into force on 25 May 2018. The UK is leaving the EU at 11pm on 29 March 2019. No doubt these dates are engraved into the minds of most business owners. But while these deadlines are enough on their own to leave you with plenty to worry about, it is also important to consider the interplay between the two – that is to say, what will Brexit mean in terms of the GDPR? 

Emily Carter

24 January 2018

The £17 million Question - What will the ICO’s enforcement powers be under the GDPR, and how will they be used?

The General Data Protection Regulation (“GDPR”) coming into force in May 2018 empowers national supervisory authorities to issue fines of up to €20 million, or 4% of an organisation’s annual global turnover for certain data protection infringements. These figures have generated headlines and news stories around the globe, many of them misleading. The Information Commissioner, in her post of December last year, warned of ‘scaremongering because of misconceptions’. We seek to put the headline grabbing figures in context, by examining the range of administrative sanctions available to national supervisory authorities for dealing with infringements of GDPR and the criteria they will use when selecting them. In doing so we shed light on how organisations can prepare for, and react to, any data protection infringements to reduce the risk of a heavy fine. 

Fred Allen

Skip to content Home About Us Insights Services Contact Accessibility