Archives: Big Data

Subscribe to Big Data RSS Feed

ICO issues new guidance on international data transfers under GDPR

The Information Commissioner’s Office (ICO) has published new guidance on international data transfers (the guidance) under the General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR). Ex-EU personal data transfers The GDPR restricts the transfer of personal data to non-EU countries or international organisations. The ICO has clarified that a transfer is restricted if: The GDPR … Continue Reading

What big data, political advertising and big fines have in common

On 10 July 2018, the Information Commissioner’s Office (ICO) announced its intent to fine Facebook £500,000 for two breaches of the Data Protection Act 1998, the maximum permitted under the pre-GDPR regime. If the penalty is enforced, it will be the biggest issued by the ICO in its history. For some perspective, had the breach … Continue Reading

Commission publishes factsheet on Digital Single Market strategy

On 22 June 2018, the European Commission published a factsheet that provides a visual summary of the actions taken to date to implement its Digital Single Market strategy. The Digital Single Market strategy refers to the European Commission’s mission to ensure access to online activities for individuals and businesses under conditions of fair competition, consumer … Continue Reading

Upper Tribunal says “small data” is not exempt under FOIA

The Upper Tribunal (Administrative Appeals Chamber) in IC v Miller [2018] UKUT 229 (AAC) has rejected an appeal brought by the Information Commissioner (IC), which was in relation to a First-Tier Tribunal (FTT) decision finding that “small data” (i.e., data concerning five or fewer individuals or households) was not exempt from disclosure under the Freedom … Continue Reading

EU to create a cybersecurity certification framework

To enhance cyber resilience, the EU is building a certification framework for information and communication technology (ICT) products, services and processes. On 8 June 2018, the Council agreed a Proposal (known as the Cybersecurity Act) to prepare for negotiations with the European Parliament to finalise the text. One of the effects of the Proposal is … Continue Reading

ICO publishes its 2017/2018 Annual Report

The Information Commissioner’s Office (‘ICO’) has published its 2017/2018 Annual Report, covering the 12 months leading up to 31 March 2018. The report is the ICO’s annual report to Parliament as required by the Data Protection Act 1998 (‘DPA’), and outlines the achievements and work of the ICO. Among the findings reported are the number … Continue Reading

ICO issues guidance on hiring and supporting DPOs

The UK Information Commissioner’s Office (ICO) has issued a resource for organizations to utilise when hiring and structuring the roles of data protection officers (DPO) under the General Data Protection Regulation (GDPR). This blog summarises several key elements of these resources. DPO checklist The checklist contains four sections which include: Appointing a DPO – across … Continue Reading

New data protection fee exemptions considered in UK

The UK government has opened a consultation on exemptions to paying a data protection fee, giving businesses the opportunity to lobby for new exemptions to be introduced. Businesses that are responsible for processing personal data (i.e. controllers) are required to pay a data protection fee to the Information Commissioner’s Office (ICO). These fees are: £40 … Continue Reading

EU reaches agreement on rules allowing free flow of non-personal data

You may well remember our blog from last year which outlined the Commission’s proposal for a framework in relation to the free flow of non-personal data in September 2017 (you can view our blog here). On 19 June 2018, the European Parliament, Council and the European Commission reached a political agreement on the rules that … Continue Reading

Asserting the defense of lack of personal jurisdiction in privacy class actions

In the wake of the U.S. Supreme Court’s decision in Spokeo v. Robins, 136 S. Ct. 1540 (2016), there has been a plethora of litigation in privacy class actions over whether federal courts can exercise subject-matter jurisdiction over the asserted statutory or common law claims. However, in addition to considering whether a court has subject-matter … Continue Reading

European Commission outlines plans to boost artificial intelligence

Last month, the European Commission (Commission) announced plans to bolster the future of artificial intelligence (AI) across the bloc. In a paper on ‘Artificial Intelligence for Europe’, the Commission proposed a three-pronged approach to: (i) increase public and private investment in AI; (ii) prepare for socio-economic changes; and (iii) ensure an appropriate ethical and legal … Continue Reading

D.C. federal court rules that web scraping does not violate the CFAA and may be protected by the First Amendment

On March 30, 2018, a D.C. federal district court denied a motion to dismiss an ACLU case filed against the government to challenge the constitutionality of the Computer Fraud and Abuse Act (CFAA), which makes it a federal crime to access a computer in a manner that “exceeds authorized access.” Sandvig v. Sessions, No. 1:16-cv-01368, … Continue Reading

German FCO launches sector inquiry into online price comparison websites

The German Federal Cartel Office (”FCO“) has launched a sector inquiry into “online price comparison websites.” This sector inquiry is the first specific proceeding in which the FCO applies its new competencies in the area of consumer protection given to it by the 9th amendment to the German Act against Restraints of Competition (“ARC”). Another sector … Continue Reading

39th International Conference of Data Protection and Privacy Commissioners publishes Resolution on Data Protection in Automated and Connected Vehicles

The 39th International Conference of Data Protection and Privacy Commissioners in Hong Kong published a Resolution on Data Protection in Automated and Connected Vehicles, which sets out fundamental data protection requirements for the mobility of the future (“Resolution”). The Resolution proposes common international standards. The Resolution addresses not only vehicle and equipment manufacturers, but also … Continue Reading

Germany updates competition rules to deal with digital markets

The upcoming ninth amendment of the German Act against Restraints of Competition (Gesetz gegen Wettbewerbsbeschränkungen, ARC), which has already been approved by the German Federal Parliament (Bundestag) and the German Federal Council (Bundesrat), is expected to enter into force shortly. The new law is tailored to adapt German competition law to the specific features of … Continue Reading

Building the EU data economy: time for an upgrade?

The EU Commission recently launched a Public consultation on Building the European data economy. The objective behind the consultation is to feed into the Commission’s future policy agenda on the European data economy in 2017. The data economy In its Communication entitled “Building a European Data Economy,” the Commission has re-identified (from its 2012 Communication) … Continue Reading

Facebook Implements Additional Measures to Prevent Discriminatory Practices in Targeted Advertisements

Responding to news reports that journalists were able to purchase advertising on Facebook targeted to ethnic groups, Facebook announced several new changes to the company’s advertising products. The move highlights heightened scrutiny of advertising practices surrounding the increasing use of big data in many aspects of marketing and advertising. Facebook’s response grew out of a … Continue Reading

In the age of Big Data, the EDPS issues an Opinion on enforcement and upholding fundamental rights

The European Data Protection Supervisor (“EDPS”) issued an Opinion on “coherent enforcement of fundamental rights in the age of big data”. This is an update to the EDPS’ Preliminary Opinion in 2014 on “Privacy and competitiveness in the age of big data”. The Preliminary Opinion observed a tendency for EU rules of data protection, consumer … Continue Reading

Wisconsin Federal Court Finds Spokeo Spells the End for Consumer Privacy Class Action

In a sign of the continuing significance of the U.S. Supreme Court’s recent ruling in Spokeo v. Robins, 136 S. Ct. 1540 (May 24, 2016), another federal court has cited that ruling in dismissing claims for lack of Article III standing. In Gubula v. Time Warner Cable, Inc., No. 15-cv-1078 (E.D. Wis. June 17, 2016), … Continue Reading

New Guidelines on Collecting Biometric Data Help Businesses Stay Ahead of the Game

The amount of data collected worldwide is rapidly proliferating, and one international organization wants to make sure it’s clear how to protect what is arguably the most sensitive category of that data: biometrics. The Biometrics Institute, which has branches in London and Sydney, released new revisions to its Biometrics Privacy Guidelines to its members on … Continue Reading

FTC Warns Big Data Brings Big Consequences in New Report

The FTC unveiled a lengthy report, Big Data: A Tool for Inclusion or Exclusion? Understanding the Issues, warning companies about commercial uses of big data and the discriminatory impact it may have on low-income and underserved populations. “Big data” refers to the ubiquitous collection of massive amounts of consumer information by companies, which may be … Continue Reading

Big Win for Automakers After Federal Judge Dismisses Car Hacking Lawsuit

On November 25, a California federal court dismissed without prejudice a proposed class action against Toyota Motor Corp., Ford Motor Co., and General Motors LLC, claiming the carmakers failed to ensure the electronic security of their vehicles by equipping them with computer technology that is susceptible to being hacked by third parties. Cahen, et al. … Continue Reading

San Francisco Launches First “Internet of Things” Wireless Network in United States

With the onslaught of smart watches, smart thermostats, and even smart refrigerators that allow you to Tweet hangry messages to your followers, it’s only natural that a “smart city” would follow. This week, San Francisco city officials agreed to run a one-year pilot project with Sigfox – an FCC certified French start-up that builds low-power … Continue Reading

Study reports draft EU Data Protection Regulation leaves gaps in protection when it comes to Big Data, Internet of Things and smart devices

A study published 22 September 2015 criticises the EU’s development of its Digital Single Market (‘DSM’) strategy for being overly commercially and economically driven, with little attention to the key legal and social challenges regarding privacy and personal data protection. The development of the DSM should not be at the expense of individuals’ privacy rights, say … Continue Reading
LexBlog