School reprimanded after using facial recognition technology to take canteen payments from pupils – The Independent

Posted July 24th, 2024 in data protection, facial mapping, news, school children by sally

‘A school has been reprimanded by the data protection regulator after using facial recognition technology (FRT) to take cashless canteen payments from pupils.’

Full Story

The Independent, 23rd July 2024

Source: www.independent.co.uk

Welsh chambers breaks ground with first ICO legal services certification – Legal Futures

Posted July 18th, 2024 in barristers, data protection, legal services, news by michael

‘The largest chambers in Wales has become the first legal services provider to obtain the new law-specific data protection certification approved by the Information Commissioner’s Office (ICO).’

Full Story

Legal Futures, 18th July 2024

Source: www.legalfutures.co.uk

Data watchdog reprimands Hackney council over cyber attack – The Independent

Posted July 18th, 2024 in computer crime, data protection, local government, London, news by michael

‘The Information Commissioner’s Office (ICO) said the council had “failed to effectively implement sufficient measures” to protect its systems from attack.’

Full Story

The Independent, 17th July 2024

Source: www.independent.co.uk

NHS confirms patient data stolen in cyber attack – BBC News

Posted June 25th, 2024 in computer crime, data protection, health, medical records, news by tracey

‘NHS England has confirmed its patient data managed by blood test management organisation Synnovis was stolen in a ransomware attack on 3 June.’

Full Story

BBC News, 24th June 2024

Source: www.bbc.co.uk

Business backed in withholding data in subject access request response – OUT-LAW.com

Posted June 17th, 2024 in data protection, disclosure, news, telecommunications, third parties by tracey

‘A court has rejected a bid by a prominent UK businessman to force a gardening company he engaged with to disclose the identity of people given access to recordings of conversations he had with the gardening company’s owner.’

Full Story

OUT-LAW.com, 14th June 2024

Source: www.pinsentmasons.com

Genetic testing company 23andMe investigated over hack that hit 7m users – The Guardian

Posted June 11th, 2024 in data protection, genetic testing, health, news by tracey

‘The California genetic testing company 23andMe faces investigations by the data watchdogs of the UK and Canada over a security breach affecting nearly 7 million people last October.’

Full Story

The Guardian, 11th June 2024

Source: www.theguardian.com

Independent UK retailers claim £1bn damages against Amazon – The Guardian

Posted June 10th, 2024 in class actions, competition, damages, data protection, news by tracey

‘Independent UK retailers have launched the biggest ever retail class action with a £1bn claim for damages against Amazon, which they allege has been pushing them out of its online marketplace.’

Full Story

The Guardian, 7th June 2024

Source: www.theguardian.com

Grindr goes to Court (Part II): Individuals’ HIV Status and the Right to Private Life – Oxford Human Rights Hub

‘Part I of this blog examined the protection of an individual’s HIV status under the UK’s data protection regime in the context of ongoing litigation against Grindr. Part II examines the human rights implications of the disclosure of individuals’ HIV status to third parties in the European human rights context.’

Full Story

Oxford Human Rights Hub, 5th June 2024

Source: ohrh.law.ox.ac.uk

Grindr goes to Court (Part I): UK Data Protection Law and the Disclosure of Individuals’ HIV Status – Oxford Human Rights Hub

‘A case brought in April 2024 before the High Court of England and Wales alleges that Grindr shared sensitive information, including users’ HIV status, with third parties for commercial purposes in breach of the UK’s data protection regime. Grindr is an LGBT+ social networking and dating app with a reputation for facilitating casual sexual encounters between gay men. On their profiles, Grindr users are able to share personal health information, including their HIV status. Sharing such information before sexual intercourse is important since, in England and Wales, the transmission of a sexually-transmitted infection, such as HIV, when a sexual partner did not consent to the risk of infection can be prosecuted under the Offences Against the Person Act 1861 (see section 71 of the Domestic Abuse Act 2021).’

Full Story

Oxford Human Rights Hub, 4th June 2024

Source: ohrh.law.ox.ac.uk

UK GDPR and changes to pending legislation – Law Society’s Gazette

Posted June 3rd, 2024 in bills, brexit, data protection, EC law, news by sally

‘The Data Protection and Digital Information Bill was due to enter the report stage in the House of Lords on 10 June. It may, among other things, make changes to the UK GDPR, the Data Protection Act 2018 and the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR). I say ‘may’ because just after I wrote this, Rishi Sunak called a general election. However there is still a chance of it passing (see later), so let us for now proceed on this basis.’

Full Story

Law Society's Gazette, 29th May 2024

Source: www.lawgazette.co.uk

Small Data: damage, distress and the development of a new type of claim – Law Pod UK

‘Jasper Gold of 1 Crown Office Row joins Lucy McCann to explore “small data” claims, where data and personal injury law intersect.’

Full Story

Law Pod UK, 15th May 2024

Source: audioboom.com

Tory party refers itself to watchdog over alleged data breach – The Guardian

Posted May 14th, 2024 in data protection, electronic mail, news, political parties by tracey

‘The Conservative party has referred itself to the data protection watchdog over an alleged data breach after it revealed hundreds of email addresses in a pitch to sign up for its annual conference.’

Full Story

The Guardian, 14th May 2024

Source: www.theguardian.com

Data, disclosure and duties: balancing privacy and safeguarding in the context of UK university student sexual misconduct complaints – Legal Studies

‘The past decade has seen a marked shift in the regulatory landscape of UK higher education. Institutions are increasingly assuming responsibility for preventing campus sexual misconduct, and are responding to its occurrence through – amongst other things – codes of (mis)conduct, consent and/or active bystander training, and improved safety and security measures. They are also required to support victim-survivors in continuing with their education, and to implement fair and robust procedures through which complaints of sexual misconduct are investigated, with sanctions available that respond proportionately to the seriousness of the behaviour and its harms. This paper examines the challenges and prospects for the success of university disciplinary processes for sexual misconduct. It focuses in particular on how to balance the potentially conflicting rights to privacy held by reporting and responding parties within proceedings, while respecting parties’ rights to equality of access to education, protection from degrading treatment, due process, and the interests of the wider campus community. More specifically, we explore three key moments where private data is engaged: (1) in the fact and details of the complaint itself; (2) in information about the parties or circumstances of the complaint that arise during the process of an investigation and/or resultant university disciplinary process; and (3) in the retention and disclosure (to reporting parties or the university community) of information regarding the outcomes of, and sanctions applied as part of, a disciplinary process. We consider whether current data protection processes – and their interpretation – are compatible with trauma-informed practice and a wider commitment to safety, equality and dignity, and reflect on the ramifications for all parties where that balance between rights or interests is not struck.’

Full Story

Legal Studies, 3rd May 2024

Source: www.cambridge.org

Government backs amendment to better protect victims’ counselling records – Ministry of Justice

‘New legislation will provide extra protections for victims’ counselling notes during criminal investigations.’

Full Story

Ministry of Justice, 23rd April 2024

Source: www.gov.uk

Smart gadgets: Tougher rules for sellers of internet-enabled devices in the UK – BBC News

Posted April 29th, 2024 in computer crime, computer programs, data protection, internet, news by tracey

‘Manufacturers will have to follow stricter rules if they want to sell “smart” gadgets in the UK after a new law came into effect.’

Full Story

BBC News, 29th April 2024

Source: www.bbc.co.uk

Reforms in UK Data Protection Law: Potential Impacts on Individuals’ Rights Protection and AI Transparency – Oxford Human Rights Hub

Posted April 26th, 2024 in artificial intelligence, bills, brexit, data protection, news by sally

‘The Data Protection and Digital Information Bill (DPDI Bill) was re-introduced into the UK Parliament in March 2023 and is currently being debated at the Committee stage in the House of Lords. Since Brexit, the UK can unilaterally decide to reform its legal framework on personal data regulation so that data power can be further unlocked. This objective is also tightly related to the pro-innovation approach aimed at spurring AI development in the UK. The DPDI Bill seeks to provide organisations with greater flexibility and stability in data processing while maintaining high standards of data protection. Nevertheless, there is considerable debate whether proposed changes in the DPDI Bill may dilute essential rights to data protection for individuals and undermine transparency in data processing related to AI.’

Full Story

Oxford Human Rights Hub, 23rd April 2024

Source: ohrh.law.ox.ac.uk

Lawsuit in London to allege Grindr shared users’ HIV status with ad firms – The Guardian

Posted April 22nd, 2024 in advertising, data protection, HIV, homosexuality, internet, news by sally

‘Grindr faces the prospect of legal action by hundreds of users who will allege that the dating app shared highly sensitive personal information, including in some cases their HIV status, with advertising companies.’

Full Story

The Guardian, 22nd April 2024

Source: www.theguardian.com

Jail for sex offender given access to child’s data by law firm’s error – Legal Futures

‘A convicted sex offender accidentally given access by a law firm to a vulnerable child’s confidential information has been jailed for six months for not complying with court orders to delete it.’

Full Story

Legal Futures, 16th April 2024

Source: www.legalfutures.co.uk

ICO unveils new data protection fining guidance – OUT-LAW.com

Posted March 25th, 2024 in data protection, fines, news, ombudsmen, privacy by tracey

‘The Information Commissioner’s Office (ICO) has published new guidance setting out how it will determine penalty notices and calculate fines under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA).’

Full Story

OUT-LAW.com, 22nd March 2024

Source: www.pinsentmasons.com

Balancing the autonomy and protection of children: competency challenges in data protection law – Information & Communications Technology Law

Posted March 14th, 2024 in children, data protection, news by sally

‘This article considers some complexities surrounding the determination of child competency in matters of data protection. Focusing on the Information Commissioner’s Office (ICO) guidelines, the article highlights the apparently pivotal role competency plays in granting children the ability to exercise their data protection rights and interests. The article critically examines the inherent challenges arising from the ICO’s approach, emphasising the reliance on data controllers to independently assess the competency of child data subjects. The inherent problematic nature of this approach is scrutinised, shedding light on potential shortcomings and raising questions about the effectiveness and fairness of such assessments.’

Full Story

Information & Communications Technology Law, 27th February 2024

Source: www.tandfonline.com