It has been some months since the High Court delivered its judgment in R v Bridges concerning the use by South Wales police (SWP) of live facial recognition (LFR) in a public place. For further details see our case analysis here. (link) The claimant has since appealed the decision in the Court of Appeal and the SWP is still under investigation by the Information Commissioners Office (ICO)....
Despite the consultation period for their draft Right of Access Guidance remaining open until the 12th February, the Information Commissioner’s Office (the “ICO”) has amended its published guidance on the timescales for Data Subject Access Request (“DSAR”) compliance. ...
Amidst the hype of the GDPR in 2018, one other area of data protection reform progressed relatively under the radar – the ePrivacy Regulation. Surprising given the potential impact this could have on an organisations’ marketing practices....
Advocate General, Henrik Saugmandsgaard Øe of the Court of Justice of the European Union (CJEU) has just handed down his opinion in response to a referral by the High Court of Ireland for preliminary rulings of law. The High Court case in question related to complaints made by Max Schrems against Facebook Ireland and Facebook Inc concerning the transfer of Mr Schrems' personal data to the United States (U.S)....
The Information Commissioner’s Office (ICO) has launched a consultation to invite views from the public on its new guidance for subject access requests....
The GDPR increased the fines available to EU supervisory authorities for breaches of data protection requirements. Now, as we celebrate the GDPR’s 18-month birthday, it’s a good opportunity to take a look at some of the largest fines imposed to date and where in the EU we are seeing these....
Data protection has been a hot topic since the introduction of the GDPR in May 2018, so what can we expect from the main political parties after the general election in December? We have taken a look at their manifestos…...
There are some types of special category data under the GDPR that attract a higher level of protection given their sensitive nature....
The Court of Justice of the European Union (‘CJEU’) has just handed down its ruling on questions of consent for the use of cookies in Bundesverband der Verbraucherzentralen und Verbraucherverbände – Veerbracherzentrale Bundesverband eV v Planet49 GmbH (“Planet 49 case”)....
Live facial recognition technology or automatic facial recognition (AFR) adds another dimension to CCTV monitoring and other surveillance methods. Using biometrics (certain physical and physiological features), the technology can map facial features to identify particular individuals by matching these with a database of known faces. ...
We are almost 18 months on from the implementation of the GDPR on 25 May 2018 and there have been a wealth of surveys reflecting on how well (or not) organisations have done in meeting the new requirements. ...
On 4 September 2019 the world’s first decision regarding the privacy implications of facial recognition was handed down by the High Court in Cardiff. The implications of the case were of such significance that both the Information Commissioner and Surveillance Camera Commissioner joined as Interveners. ...
You are walking along a side street towards your office. Unbeknown to you a private company has installed closed circuit television with facial recognition capabilities and is tracking your movements. Is this lawful?...
The ICO has updated its guidance on the timeframe for compliance with subject access requests. ...
We live in a digital world. Every facet of daily life is governed to some degree by phone, web or some form of connected technology. There is no question that advances in technology improves communication. The rate of information exchange now as compared to 10 years ago is staggering. Artificial Intelligence or AI and machine learning are revolutionising the way in which we interact with each other and conduct business, But are these advances compatible with the principles of fairness and transparency under the General Data Protection Regulations (GDPR)?...
Just one day after the ICO delivered a notice of intent to fine British Airways £183 million for alleged personal data breaches, it has delivered another, this time to global hotel group, the Marriott International....
The Information Commissioner’s Office has issued a notice of intent to fine British Airways under the new Data Protection Act 2018 (DPA)....
The recently announced huge gift of £150 million to Oxford University by Stephen Schwarzman to fund a new institute for ethics in artificial intelligence is a reminder of the huge importance attached by many to the need for more ethical focus on issues arising from artificial intelligence and technology innovation....
It is almost a year since one of the largest scale reforms of data protection law has taken place. In the run up to May 2018 employers across the country were frantically preparing vast amounts of new documents in light of the impending implementation of the General Data Protection Regulations (GDPR)....
Google LLC has been fined 50 million euros by CNIL (the French data protection regulator and ‘lead authority’ in this matter) for breaches of GDPR. ...