The Information Commissioner’s Office (ICO) has published an updated data subject access code of practice (the Code) to reflect developments following two major Court of Appeal judgments published in early 2017: Dawson-Damer and others v Taylor Wessing LLP [2017] EWCA Civ 74 and Ittihadieh v 5-11 Cheyne Gardens RTM Company Ltd and Others [2017]

Hungary’s data protection authority, the National Authority for Data Protection and Freedom of Information (NAIH), recently issued a decision fining PepsiCo €5,000 for a data breach. The decision has, however, had wider repercussions, reclassifying the concept of data controllers and data processors.

In October 2012, it was exposed that a Turkish hacker group had been

The Norwegian Data Protection Authority Datatilsynet (Norwegian DPA) has concluded that the use of the website analytic tool Google Analytics by two state agencies violated Norway’s data protection law. The two state agencies—Tax Administration and the State Educational Loan Fund—were not able to account for how Google Analytics worked, and found that there was a