UK Data Protection Bulletin

16 September 2013

Our latest data protection update of news and developments over the summer months of July and August.

Key points to note are as follows:

  • New developments on Subject Access Requests – both a new Code of Practice from ICO and a new case on the impact of subject access on liquidators

  • There was no let-up in enforcement over the summer. Interestingly, one enforcement notice prohibited the data controller from processing personal data until it had completed a Privacy Impact Assessment (amongst other remedial actions). Is this the influence of the new draft Regulation being felt already?

  • The First-Tier Information Tribunal set aside a monetary penalty of £250, 000 issued by the ICO in a decision which explores the liability controllers have for their processors as well as the ICO's potentially flawed process for deciding monetary penalties

  • Article 29 Working Party Opinion on the re-use of EU public sector information

  • EDPS Opinion on data protection implications of the Commission's anti-money laundering proposals.

Download Newsletter