On 21 October 2020, almost a year after the UK’s Information Commissioner Office (ICO) provided draft guidance on the right of access, the ICO published its updated guidance on data subject access requests (DSARs), available here (Guidance). In a previous post available here, we covered what DSARs are and the principles areas of focus of … Continue Reading
A judgment from the Court of Appeal on 7 February 2014 in the case of Edem v The information Commissioner & Financial Services Authority [2014] EWCA Civ 92, has held that “a name is personal data unless it is so common that without further information, such as its use in a work context, a person … Continue Reading
Last month, the Information Commissioner’s Office (ICO) published a response to the government’s call for views and evidence on the draft EU Directive on Network and Information Security (NIS Directive). The ICO’s criticism stemmed from its experience with mandatory data breach notifications from the telecoms sector and included suggestions for modifying the proposed NIS Directive. … Continue Reading
This post was written by Cynthia O’Donoghue. The UK’s First-tier Tribunal (Information Rights) has overturned a monetary penalty issued by the Information Commissioner’s Office (ICO) against the Scottish Borders Council. The £250,000 penalty related to the unsecure disposal of hard copies of council records containing personal data and had been issued by the ICO in … Continue Reading
The UK’s data protection watchdog, Information Commissioner’s Office (ICO), joins the global initiative for improving website privacy policies organised by the Global Privacy Enforcement Network (GPEN). Nineteen data protection authorities from around the globe will assess and report on the standards of privacy policies used by websites based in their jurisdictions. In the related Blog … Continue Reading