How you can legally process data!

talking about personal data

To process personal data, you must have a valid lawful basis. There are six lawful bases for processing. The most appropriate basis will depend on your relationship with the individual. The requirement of most the lawful basses is that the processing is ‘necessary’ for a specific purpose. You will not have a lawful basis if […]

Supreme Court rejects class action data protection claim against Google!

image to represent data protection

The Supreme Court has given judgment on Lloyd v Google [2021]. Richard Lloyd with the financial support of Therium Litigation Funding IC issued a claim against Google. The claim alleged Google had breached its duties as a data controller under the Data Protection Act 1998, by secretly tracking the internet activity of Apple iPhone users, […]

How are NFT’s regulated in the UK?

Orange background, blue icon representing a privacy policy

The Financial Conduct Authority (FCA) has not yet provided guidance on NFT’s specifically with regards to regulation in the United Kingdom (UK). However, the FCA has distinguished between regulated tokens and unregulated tokens. Regulated tokens include security tokens which fall under the definition of specified investments under the Financial Services and Markets Act 2000 (Regulated […]

Are you ready to comply with the Children’s Code by 2 September 2021?

image to represent data protection

The Age Appropriate Design Code or Children’s Code came into force on the 2 September 2020. It has a twelve-month transition period which means organisations need to conform by 2 September 2021. The Code is a statutory code of practice under the Data Protection Act 2018. Data protection law recognises that the personal data of […]

UK and New Zealand sign data protection agreement

talking about personal data

The United Kingdoms (UK) Information Commissioner’s Office (ICO) and the New Zealand Office of the Privacy Commissioner (OPC) have signed a “memorandum of understanding” which recognises the two country’s shared objective to protect information rights. The memorandum puts in writing how the two authorities will further share, best practices and experiences, information, cooperate in projects […]

TikTok facing £1bn claim for ‘illegally’ collecting children’s data

image to represent data protection

TikTok and its parent company ByteDance is facing a data claim worth £1 billion over allegations that it illegally collected the personal information of children whilst they used its app. The claim has been filed at the High Court in England and Wales. The claimants have stated the defendants ‘deliberately violated United Kingdom and European […]

The Principles of Data Protection

talking about personal data

The General Data Protection Regulation (GDPR) which was implemented into United Kingdom (UK) law with the Data Protection Act 2018, sets out data protection principles that data controllers must comply with. They are as follows: The lawfulness, fairness, and transparency principle – Lawfulness: there are six lawful bases for the processing of data as set […]

How you can lawfully process data!

talking about personal data

To process personal data, you must have a valid lawful basis. There are six lawful bases for processing. The most appropriate basis will depend on your relationship with the individual. The requirement of most of the lawful bases is that the processing is ‘necessary’ for a specific purpose. You will not have a lawful basis […]

British Airways facing lawsuit over 2018 data breach

Geo-blocking

On 16 October 2020, the Information Commissioner’s Office (ICO) released a Penalty Notice against British Airways plc. It stated that ‘between 22 June and 5 September 2018, a malicious actor (the Attacker) gained access to an internal BA application through the use of compromised credentials for a Citrix remote access gateway. After gaining access to […]