Data Notes

Game changer for cyber/data breach cases opens in Supreme Court: WM Morrisons Supermarkets Plc v Various Claimants

GDPR used to gain access to fiancée's personal data: Exposing vulnerabilities in Data Subject Access Requests

British Airways Data Breach: ICO announces potential £183 million 'mega fine'

Happy GDPR-versary! Herbert Smith Freehills reflections on a year of GDPR regulation

A royal curveball – using the GDPR in privacy disputes

The Importance of Adequate Consent under the GDPR: HMRC Forced to Delete Five Million Records

Latest twist in the Morrisons Case: Supreme Court grants Morrisons permission to appeal

On 15 April 2019, the Supreme Court granted supermarket chain Morrisons permission to appeal against the Court of Appeal ruling that it was vicariously …

GDPR fine in Poland gives important insight into the requirements of Article 14

Last week the Personal Data Protection Office ("UODO") in Poland issued a €220,000 fine to a digital marketing company for breaching its obligations …

Cyberattack on German Public Figures Leads To One of Germany's Largest Data Breaches

Last week, it was announced that during December 2018 almost one thousand German public figures, including journalists and a number of prominent …

Court of Appeal confirms Morrisons vicariously liable for employee's deliberate actions in first successful UK class action for data breach

The Court of Appeal has today dismissed an appeal against the High Court's decision that Morrisons was vicariously liable for its employee’s …

Data breaches: new Article 29 Working Party guidance

In anticipation of the GDPR, various guidance has been published by the Article 29 Working Party, the body of national EU data regulators. Of most …

Compliant or not: the GDPR is here

The GDPR came into force on 25 May 2018 and brought with it additional rights for individuals and additional obligations for organisations. It also …