On 25 May 2018, data protection law changed significantly with the introduction of the EU General Data Protection Regulation (GDPR) and UK Data Protection Act 2018.

Key changes under these laws affect almost all businesses. The rights of EU citizens to control their personal details have been enhanced and new unified obligations have been placed on those dealing with personal data. However, even though the deadline has passed, this is not the end of the compliance journey and organisations must continuously act to ensure they fully comply with the rules.

Previous data protection legislation (the Data Protection Act 1998 in the UK) was based on the Data Protection Directive of 1995 (the 1995 Directive) which set out key legal principles for dealing with personal data. For the past 15 to 20 years, these principles have been adopted in national legislation throughout the EU Member States in different ways, resulting in a disjointed approach to data protection in Europe. The GDPR replaced the 1995 Directive and is directly applicable in every EU Member State. This means there is now a single set of rules to avoid contradictory approaches across the EU.

Data Breach Response Helpline

Data breach reporting is now mandatory in many cases. If you believe your business may have suffered a personal data breach and/or something goes wrong, MacRoberts' Data Breach Response Team is on hand to guide you through the response process. For fast and effective assistance, please call our helpline on 0300 303 1019.

    • GDPR The dos & don'ts of telemarketing campaigns: Lessons from Vodafone & co Multinational telecommunications company Vodafone was recently fined $12.25 million by the Italian data protection authority for telemarketing breaches, following in the footsteps of many companies in the EU who have been fined for breaches of telemarketing laws.
    • GDPR How to correctly obtain valid consent from data subjects The Court of Justice of the European Union recently issued its ruling in relation to the interpretation of provisions relating to consent contained within the Data Protection Directive and the General Data Protection Regulation (GDPR).
    • GDPR Data Protection & Cyber Security Newsletter - December 2020 Our latest Data Protection & Cyber Security Newsletter contains insights from our team to the latest developments from the Information Commissioner's Office, including guidance on subject access requests, artificial intelligence and data protection considerations, and recent fines for high-profile data breaches.
    • Brexit Data Protection: What can we expect from 1 January 2021? With the UK’s exit from the EU edging closer on 1 January 2021, businesses must look to futureproof their operations. We answer some of the most frequently asked questions (so far) relating to data protection post-Brexit.
    • GDPR ICO investigates UK's major credit reference agencies' data broking practices The ICO's investigation into the direct marketing data broking sector has found systemic data protection failings in the practices of large credit reference agencies – highlighting the importance of appropriate due diligence when purchasing personal data for marketing purposes.

Data Protection & Cyber Security

Cyber security and key changes under the GDPR and UK Data Protection Act 2018 affect almost all businesses. Our online hub contains a wealth of information and insights on what your businesses should be doing to ensure full compliance with the law.

Latest updates from @MacRoberts