Tag Archives: Data Controller

Subject access requests: ICO publishes updated guidance

The Information Commissioner’s Office (ICO) has published an updated data subject access code of practice (the Code) to reflect developments following two major Court of Appeal judgments published in early 2017: Dawson-Damer and others v Taylor Wessing LLP [2017] EWCA Civ 74 and Ittihadieh v 5-11 Cheyne Gardens RTM Company Ltd and Others [2017] EWCA Civ 121. … Continue Reading

Hungarian DPA Decision Redefines Concept of Data Controllers and Data Processors

Hungary’s data protection authority, the National Authority for Data Protection and Freedom of Information (NAIH), recently issued a decision fining PepsiCo €5,000 for a data breach. The decision has, however, had wider repercussions, reclassifying the concept of data controllers and data processors. In October 2012, it was exposed that a Turkish hacker group had been … Continue Reading

Norwegian DPA finds that Google Analytics breaches national data protection law

This post was written by Cynthia O’Donoghue. The Norwegian Data Protection Authority Datatilsynet (Norwegian DPA) has concluded that the use of the website analytic tool Google Analytics by two state agencies violated Norway’s data protection law. The two state agencies—Tax Administration and the State Educational Loan Fund—were not able to account for how Google Analytics … Continue Reading
LexBlog