Related insights: Data, Privacy and FOI
Data Subject Access Requests - required to provide copies of emails?
09 Feb 2023
Following our two-part series which considered the impact of European decisions on the scope of data subject access requests (DSARs), a further opinion has been released by the AG that limits the scope of DSARs.
This opinion (in the case of Österreichische Datenschutzbehörde and CRIF - Case C-487/21) concerns whether the data subject is entitled to a "copy" of the document which contains their personal data, or if it is sufficient to provide an extract.
This decision could have large practical impacts on how data controllers respond to DSARs both in the EU (where it is directly applicable) and in the UK (where it will be persuasive).
This opinion (in the case of Österreichische Datenschutzbehörde and CRIF - Case C-487/21) concerns whether the data subject is entitled to a "copy" of the document which contains their personal data, or if it is sufficient to provide an extract.
This decision could have large practical impacts on how data controllers respond to DSARs both in the EU (where it is directly applicable) and in the UK (where it will be persuasive).
Local government shouldn’t underestimate its vulnerabilities when it comes to cyber security
17 Jan 2023
With targeted and increasingly sophisticated phishing scams continually on the rise, the ever-evolving world of digital communication presents the optimal backdrop from which fraudsters can readily strike. For local government, the big challenge is the wide range of information that is held often about vulnerable people or highly sensitive information. How can local government protect systems and people from cyber threat and what part does human behaviour play?
Regulating the Internet of “vulnerable” Things in the chemical processing industry space
17 Jan 2023
Opportunities and challenges for the North East’s chemical processing industry underpinned the NEPIC Digitalisation and Cyber Security Conference in December 2022. The conference focused on how digital solutions can accelerate growth and create business opportunities within the region’s chemical sector.
The ICO's new policy on reprimands
19 Dec 2022
Since 2021 the ICO has increased its use of reprimands in its enforcement activity and from December 2022 it will be routinely publishing reprimands. What is a reprimand, how might it impact you and what is the effect of this change of policy by the ICO? Read more
Cybersecurity expert warns businesses against increasingly sophisticated attacks
08 Dec 2022
With phishing scams on the rise, what practical steps can be put in place by organisations to protect themselves from cyber threats? Womble Bond Dickinson takes a look.
Monitoring at work: what do you need to know about the new ICO guidance?
07 Dec 2022
The Information Commissioner's Office (ICO) is consulting on new draft guidance on monitoring at work. In order to provide regulatory certainty and protect the data protection rights of workers, the ICO has issued draft guidance on monitoring at work to replace the existing guidance in the 2011 code.
ICO fines organisation £4.4m for failing to have adequate security controls in place
01 Nov 2022
Womble Bond Dickinson's cyber security and technology litigation practitioners consider the key takeaway points from the ICO's recent penalty notice of £4.4million, issued to Interserve Group Ltd following a personal data breach that one of its subsidiaries suffered when it fell victim to a ransomware attack in early 2020.
What is the correct measure of damages for distress in GDPR claims?
26 Oct 2022
What is the correct measure of damages for distress in GDPR claims? Our digital team looks into the recent case involving a Lancashire councillor (claimant) and The CPS.
Reminder: out with the old EU Standard Contractual Clauses and in with the new
19 Oct 2022
The UK no longer use the old EU Standard Contractual Clauses adopted in 2001 and 2010 (the Old EU SCCs) for new contracts transferring personal data outside of the UK under the UK GDPR. But what does this mean for new contracts?
Change in approach to rights of access - Data Protection and Digital Information Bill
21 Sep 2022
The recent introduction of the Data Protection and Digital Information Bill provides further insight into the government's plans for reducing the burden caused too many organisations by data subject access requests (DSARs).
Insights
Stay informed
