Under the Data Protection Act 2018 you have the right to be forgotten, also known as the right to erasure of your personal data. Personal data refers to any information which can be used to identify you. Continue reading
“The algorithms of the law must keep pace with new and emerging technologies.”- at p
The Administrative Court, with Haddon-Cave LJ and Swift J sitting, has heard the first case on the lawfulness of the police using automated facial recognition software (“AFR”). The case concerned the South Wales Police (“SWP”) use of AFR in two instances where they allegedly recorded the image of the Claimant. Once on 21 December 2017 at Queen Street Cardiff and another at the Defence Procurement, Research, Technology and Exportability Exhibition (“the Defence Exhibition”) on 27 March 2018.
Opt-ins and diversify basis’ for processing data
User consent underpins data protection rights as a lawful basis for processing. The consent-based mechanism is just one lawful basis for processing but the most debated. This is primarily around the slow abolition of opt-out consent as a legitimate mechanism for obtaining consent. Continue reading
Apple recently released a statement on its development of automated assistant Siri’s privacy protections. The result is a move towards doing everything right in safeguarding consumer privacy. When compared to Amazon’s protections for its Alexa service market shifts and best practice become clear, making for better adherence to the seven data protection principles underpinning the GDPR.
The increasing encroachment of audio-activated devices into our personal lives presents unique privacy challenges. Recent events have prompted the review of how audio-activated devices collect, store, transmit and use data, prompting concern and highlighting a number of long term lessons to be learned.
The issue centers around the extraction of data from mobile phones by the force. Software is used to download the files stored on the accessed mobile devices. NGO Privacy International is challenging the invasiveness and proportionality of the practice in harvesting personal data in the course of investigations.
The outcome of the case will have significant repercussions for mobile data privacy and mobile developments. Mobile privacy has been a hot topic issue since the US Apple vs. FBI encryption case in relation to the investigation of the San Bernadino Shootings in 2016. We will have coverage of the case once judgment is handed down.
The European Data Protection Board issued a statement on 13 March 2019 urging the European Authorities to implement the new ePrivacy Regulation (the “Regulation”).
The Regulation itself sits alongside the existing GDPR framework and focuses on email marketing and cookies consent.
Debate has been generated around the extent to which the Regulation and the GDPR practically sit alongside each other to ensure that the, now onerous, data protection regime does not duplicate obligations. The Panopticon Blog has an excellent post covering this issue from Robin Hopkins. Continue reading