India’s First Major Personal Data Protection Bill
India is drafting its first bill that aims to protect the personal data of its citizens. This articles goes over the key differences between the GDPR and the new Indian Personal Data Protection Bill (PDPB) and discusses some controversies surrounding it.
Read article
A Timeline of US Mass Surveillance, International Privacy Agreements, and a Disgruntled Austrian
On the 16th July 2020, the CJEU came to a decision on the Schrems II case. The decision invalidated a major EU-US privacy agreement that previously allowed personal data to freely flow between the EU and the US. This court case is the latest chapter in an ongoing saga of privacy activists, commercial selling of ‘big data’ and revelations made by whistle blower Edward Snowden. This article gives a brief timeline of the events leading up to this case.
Read article
Is your use of website cookies currently lawful?
If you have not reviewed your cookie policy since October of 2019, it may not be. Many large corporations appear to be ignorant of a ruling (case C-673/17 - Planet49) that was made by the Court of Justice of the European Union (CJEU). The ruling clarifies how cookies should be managed and the subsequent impact on cookie statements. Indeed, many corporations appear to be breaking the law, even 7 months after the ruling.
Read article
Covid-19 Contact Tracing Apps, a Centralised vs. Decentralised Approach
Contact tracing is currently successfully employed in the UK to prevent the spread of sexually transmitted diseases. It is hoped that the development of the NHS app can prevent the spread of Covid-19. Unfortunately, there have been significant concerns over user privacy. There has been debate and even controversy on the centralised vs. decentralised approach.
Read article
GDPR individual rights – Is the cost to business just about to explode?
The UK government’s job retention scheme has protected 7.5 million workers and almost 1 million businesses. From the start of August 2020, employers will be asked to pay a percentage towards the salaries of their furloughed staff. Will businesses be able to re-employ all their furloughed workers or will we see a significant number of them being made redundant?
Read article
Have I been Pwnd? A Database of Data Breaches
The GDPR was introduced to provide EU citizens with greater protections and control over their personal data. It achieved this by introducing new rights for individuals and by imposing stricter data protection requirements on organisations. But what happens if your personal data was part of a data breach before the GDPR was introduced?
Read article
Data Sharing Agreements: What is the Best Practice?
The ICO states that ‘…whenever a controller uses a processor, there must be a written contract (or other legal act) in place...’ The GDPR sets out what needs to be included in the contract. But what happens if you are a controller sharing data with another controller? You need a Data Sharing Agreement.
Read article
Are Privacy Notices Just About the GDPR?
Every company has been focused on ensuring their privacy notices are compliant for GDPR, however there could be a blind spot. The GDPR may be the strongest privacy regulation in the world, but it isn’t the only one. For example, when your website uses cookies, your organisation must ensure that the Privacy and Electronic Communications…
Read article