Archives: UK

Subscribe to UK RSS Feed

Have You Paid Your Data Protection Fee?

The ICO has issued a penalty notice to over 100 organisations for failing to pay their data protection fee. Failing to pay this fee due to an innocent mistake may not be accepted as a viable excuse, as demonstrated by the recent judgement in Farrow & Ball Limited v The Information Commissioner (Dismissed) [2019] UKFTT … Continue Reading

How Might a No-Deal Brexit Impact Your Organisation’s Data Protection Obligations?

The UK Parliament has today, 15th January 2019, rejected the Government’s Brexit withdrawal agreement with the EU. This turn of events, which was widely anticipated, increases the prospect of a no deal Brexit, i.e. a break-up without a divorce settlement. According to law, the UK will leave the EU from 11pm GMT on 29th March … Continue Reading

The ICO’s New Year’s Resolutions

The ICO has published a draft Regulatory Action Policy (“Policy”) on 28 June 2018 available here, supplementing its Information Rights Strategic Plan for 2017-2021 (here) and International Strategy for 2017-2021 (here). This Policy provides an overview of how and to what extent the ICO will use its newly expanded regulatory enforcement powers provided by the … Continue Reading

The Impact of Data Protection on Children

Many readers may be reading this blog when a notification from their fitness tracker pops up instructing them to stand up. Children are now beginning to wear trackable devices too. These devices are connected to the internet and may process a child’s personal data. Many children have and use social media accounts and there is … Continue Reading

Have You Paid Your Data Protection Fee?

The Data Protection (Charges and Information) Regulations 2018 came into force in May 2018. Generally, these Regulations mean that Controllers must pay the ICO an annual data protection fee unless they are exempt. The exemptions are relatively limited. The requirement to pay an annual fee replaces the previous requirement to register with the ICO. The … Continue Reading

ICO’s Consultation on Direct Marketing Code of Practice

Direct marketing has been a focus of the UK data protection regulator, the Information Commissioner’s Office (ICO), for the last several years. Direct marketing for these purposes includes promotional messages that are sent directly to an individual recipient electronically (email or text), by post or communicated by phone. Such messages are considered to be unsolicited … Continue Reading

Why the ICO Fined Equifax £500,000

On 19th September 2018, the Information Commission Officer (“ICO”) fined credit reference agency Equifax Limited £500,000 for breaching the Data Protection Act 1998 (“DPA”). Finding that Equifax Limited failed to protect the personal data of up to 15 million UK individuals, the ICO awarded the maximum penalty for a breach under the DPA. The ICO … Continue Reading

Post GDPR Rise in Data-Related Complaints and Data Breach Notifications

Regulators across Europe, have recorded a sharp increase in the number of data-related complaints and data breach notifications since the General Data Protection Regulation (GDPR) came into force on 25 May 2018. The GDPR has radically reshaped how businesses can collect, use and store personal information. As a result of the new and expanded rights … Continue Reading

The Data Protection Fee – ICO fees under the GDPR

The obligation on controllers to pay a fee will remain in place following the implementation of the General Data Protection Regulation, the GDPR, on 25 May 2018. The fees act as the main source of funding for the UK’s data protection supervisory authority, the Information Commissioner’s Office (the ‘ICO’). The Government, which has a statutory … Continue Reading

Survey of the National GDPR Implementation Laws of Key Member States

While the GDPR compliance clock is ticking for companies, EU Member States have also been preparing for the implementation of the General Data Protection Regulation (“GDPR”) which will become enforceable on May 25, 2018. The GDPR will be directly applicable in all EU Member States without the need for implementing national laws. However, apart from … Continue Reading
LexBlog