The Court of Justice of the European Union (‘CJEU’) has just handed down its ruling on questions of consent for the use of cookies in Bundesverband der Verbraucherzentralen und Verbraucherverbände – Veerbracherzentrale Bundesverband eV v Planet49 GmbH (“Planet 49 case”)....
Live facial recognition technology or automatic facial recognition (AFR) adds another dimension to CCTV monitoring and other surveillance methods. Using biometrics (certain physical and physiological features), the technology can map facial features to identify particular individuals by matching these with a database of known faces. ...
We are almost 18 months on from the implementation of the GDPR on 25 May 2018 and there have been a wealth of surveys reflecting on how well (or not) organisations have done in meeting the new requirements. ...
On 4 September 2019 the world’s first decision regarding the privacy implications of facial recognition was handed down by the High Court in Cardiff. The implications of the case were of such significance that both the Information Commissioner and Surveillance Camera Commissioner joined as Interveners. ...
You are walking along a side street towards your office. Unbeknown to you a private company has installed closed circuit television with facial recognition capabilities and is tracking your movements. Is this lawful?...
The ICO has updated its guidance on the timeframe for compliance with subject access requests. ...
We live in a digital world. Every facet of daily life is governed to some degree by phone, web or some form of connected technology. There is no question that advances in technology improves communication. The rate of information exchange now as compared to 10 years ago is staggering. Artificial Intelligence or AI and machine learning are revolutionising the way in which we interact with each other and conduct business, But are these advances compatible with the principles of fairness and transparency under the General Data Protection Regulations (GDPR)?...
Just one day after the ICO delivered a notice of intent to fine British Airways £183 million for alleged personal data breaches, it has delivered another, this time to global hotel group, the Marriott International....
The Information Commissioner’s Office has issued a notice of intent to fine British Airways under the new Data Protection Act 2018 (DPA)....
The recently announced huge gift of £150 million to Oxford University by Stephen Schwarzman to fund a new institute for ethics in artificial intelligence is a reminder of the huge importance attached by many to the need for more ethical focus on issues arising from artificial intelligence and technology innovation....
It is almost a year since one of the largest scale reforms of data protection law has taken place. In the run up to May 2018 employers across the country were frantically preparing vast amounts of new documents in light of the impending implementation of the General Data Protection Regulations (GDPR)....
Google LLC has been fined 50 million euros by CNIL (the French data protection regulator and ‘lead authority’ in this matter) for breaches of GDPR. ...
The EU’s Data Protection pride and joy, GDPR, came in a little over seven months ago. Despite this, many workers are still not compliant and, worse still, are unaware that they are doing anything wrong. ...
In the recent case of WM Morrison Supermarkets plc v Various Claimants, Morrisons faced claims from its employees who had been the subject of a data breach. Morrisons employed a senior IT auditor who was tasked with sending data on approximately 100,000 employees to an external auditing company. ...
It has been reported this week that Google’s social media app, Google+, is to close down for consumers after it was revealed that a bug had exposed the personal data of up to 500,000 accounts. In a blog published by Google, it was revealed that a bug in the software meant that numerous third-party applications had access to up to 500,000 accounts. ...
As recently reported in the media, the Information Commissioner’s Office (“ICO”) has issued its first Enforcement Notice under the Data Protection Act 2018 (“DPA 2018”) against AggregateIQ Data Services Ltd (“AIQ”), a Canadian data analytics company. AIQ was associated with targeted advertising for the ‘Vote Leave’ campaign during the Brexit referendum. ...
The ICO has announced that Facebook will be fined the maximum possible amount of £500,000 for its breaches of the Data Protection Act in relation to the Cambridge Analytica scandal, an amount that pales in comparison with the new fines introduced under GDPR. We previously blogged on the scandal here....
The Introduction of GDPR and the new Data Protection Act 2018 has already been the subject of many an article and discussion....
It will not have escaped organisations’ attention that data protection laws have undergone significant reforms lately. The GDPR came into force on 25 May 2018, however we also have a new Data Protection Act 2018 (DPA 2018) which is now in force, thanks to some last-minute prompt progress through Parliament....
The 25th May 2018 has now come and gone and the GDPR has come into force. ...