Data Protection Commentary – The Privacy Perspective

What you need to know about privacy policies

December 6, 2019December 6, 2019The Privacy PerspectiveLeave a comment

Sites you visit, applications you use and services you take all have privacy policies – but what are they and why are they important, despite many people just check boxing them? Continue reading →

Morrisions data breach vicarious liability case before UK Supreme Court

November 6, 2019November 6, 2019The Privacy PerspectiveLeave a comment

Following its data breach in November 2013 the Morrisons data breach case is now before the UK Supreme Court. The breach involved the personal data of 5,500 employees.

An employee, Mr Skelton, took a memory stick containing the records of employees home. In January 2014 he uploaded the contents onto a data sharing website, later sending it to newspapers. Continue reading →

Compound liability following data breaches – Equifax two years on

October 24, 2019October 30, 2019The Privacy PerspectiveLeave a comment

In September 2017 Equifax suffered a data breach exposing the personal data of over 147 million people. Hackers utilised a website application vulnerability to access the personal data of customers. Continue reading →

Data protection rights

October 14, 2019October 14, 2019The Privacy PerspectiveLeave a comment

Personal data, such as your name, likeness, birthday or any other information which can be used to identify you is highly sensitive.

Protecting and bringing actions on the basis of your personal data being harvested, used or misused is a key foundational right to privacy. Continue reading →

£3billion class action against Google given the go-ahead – Lloyd v Google LLC [2019] EWCA Civ 1599

October 7, 2019October 7, 2019The Privacy PerspectiveLeave a comment

Mr Lloyd, a consumer protection advocate, brought a claim against Google for damages on behalf of 4m Apple iPhone users. It was alleged that Google secretly tracked some of their internet activity for commercial purposes between 9 August 2011 and 15 February 2012. Continue reading →

The right to be forgotten

September 27, 2019September 29, 2019The Privacy PerspectiveLeave a comment

Under the Data Protection Act 2018 you have the right to be forgotten, also known as the right to erasure of your personal data. Personal data refers to any information which can be used to identify you. Continue reading →

Police forces use of facial recognition software determined lawful – R (Bridges) v Chief Constable of South Wales Police [2019] EWHC 2341 (Admin)

September 5, 2019September 6, 2019The Privacy PerspectiveLeave a comment

“The algorithms of the law must keep pace with new and emerging technologies.”- at p[1]

The Facts

The Administrative Court, with Haddon-Cave LJ and Swift J sitting, has heard the first case on the lawfulness of the police using automated facial recognition software (“AFR”). The case concerned the South Wales Police (“SWP”) use of AFR in two instances where they allegedly recorded the image of the Claimant. Once on 21 December 2017 at Queen Street Cardiff and another at the Defence Procurement, Research, Technology and Exportability Exhibition (“the Defence Exhibition”) on 27 March 2018. Continue reading →