GDPR

Data protection law changed significantly on 25 May 2018 with the introduction of the EU General Data Protection Regulation (GDPR) and UK Data Protection Act 2018.

Key changes under the GDPR affect almost all businesses. The rights of EU citizens to control their personal details have been enhanced and new unified obligations have been placed on those dealing with personal data. However, this is not the end of the compliance journey for organisations, and they must act now to ensure they fully comply with the new rules.

Previous data protection legislation (the Data Protection Act 1998 in the UK) was based on the Data Protection Directive of 1995 (the 1995 Directive) which set out key legal principles for dealing with personal data. For the past 15 to 20 years these principles have been adopted in national legislation throughout the EU Member States in different ways resulting in a disjointed approach to data protection in Europe. The GDPR replaced the 1995 Directive and is directly applicable in every EU Member State. This means there is now a single set of rules to avoid contradictory approaches across the EU.

 

 

  • GDPR Data Protection & Cyber Security Newsletter - June 2019 Our latest newsletter looks at recent developments in data protection and cyber security, including the requirement for data protection representatives post-Brexit and updated data protection legislation around the world.
  • GDPR ICO continues to clamp down on bad direct marketing practices The UK ICO recently fined Bounty (UK) Limited £400,000 for the unlawful sharing of the personal data of more than 14 million people, highlighting the necessity of strict compliance with data protection laws.
  • GDPR GDPR: What do employers and HR teams need to know? (Part 3) In the third instalment of our series on data protection rules and their effects on employers and HR departments, we look at on lawful processing under data protection legislation and how employers are affected by the new rules.
  • GDPR GDPR: What do employers and HR teams need to know? (Part 2) The GDPR and DPA 2018 afford employees a host of new and enhanced rights, allowing them greater control over their personal data. We look at how to manage employee rights under the data protection rules.
  • GDPR Data Protection & Cyber Security Newsletter - April 2019 Our latest newsletter looks at recent developments in the field of data protection and cyber security, with a focus on Brexit, privacy and social media and the California Consumer Privacy Act.
  • GDPR GDPR: What do employers and HR teams need to know? (Part 1) The General Data Protection Regulation (GDPR) and Data Protection Act 2018 (DPA) came into force on 25 May 2018 and represents the biggest change to EU data protection laws in over three decades. Since the coming into force of the GDPR and DPA, there has been a sharp increase in complaints to regulators.
  • GDPR Data Protection & Cyber Security Newsletter - February 2019 This newsletter looks at the topical issues in data protection and cyber security and notable developments, both in the UK and further afield.
  • GDPR B(rexit) Day is approaching – what will happen to international data transfers? Notwithstanding the current political turmoil surrounding Brexit (deal or no deal?) the UK are still scheduled to exit the European Union (EU) on 29 March 2019 (only 6 weeks away!) and as the politicians grapple with the complexities of hard/soft Brexit options with the clock ticking down to B(rexit) Day, we are looking at how data will be transferred outside of the UK (and EU) post-Brexit.
  • Technology, Media & Telecoms GDPR compliance now more important than ever for financial services firms The Financial Conduct Authority (the FCA), the UK’s regulator of financial firms and the Information Commissioner’s Office (the ICO), the UK’s data protection watchdog, have signed an updated Memorandum of Understanding (MoU).
  • GDPR New guidelines on the territorial scope of the GDPR The GDPR has created new obligations for non-European businesses in certain circumstances. Since the Regulations were first published there has been uncertainty in relation to the full extent of the territorial scope of the GDPR itself.

Technology, Media & Telecoms

With very few areas not impacted by technology, media and telecoms, we remain focused on ensuring we stay ahead of the curve in advising clients of the ever-increasing body of law, regulation and policy affecting the sector.

Latest updates from @MacRoberts