Welcome to the February - May edition of our UK & EU Data Protection Bulletin.

The highlights in this edition are:

  • General Data Protection Regulation (GDPR) published in the Official Journal of the EU
    On 4 May, the GDPR was published in the Official Journal of the European Union. The GDPR is effective now, but will apply to organisations on 25 May 2018. A link to our GDPR guide, which summarises the key changes that will result from the new law and how organisations can prepare to comply with it, is included.
  • New Investigatory Powers Bill for UK
    The new Investigatory Powers Bill, the first major revision of intelligence agency and law enforcement powers over communications for over 15 years, is currently at the Report Stage in Parliament. Further details about the scope of the proposed bill and a link to an article that discusses the implications of the bill for organisations, are included.
  • Gurieva & Anor v Community Safety Development (UK) Ltd
    Is an interesting subject access case. The case contains a good summary of previous cases, and also shows that the courts will sometimes order controllers to provide access to data – even when the request is clearly made as part of associated litigation. 

Download the PDF >