Under the Data Protection Act 2018 you have the right to be forgotten, also known as the right to erasure of your personal data. Personal data refers to any information which can be used to identify you. Continue reading
Opt-ins and diversify basis’ for processing data
User consent underpins data protection rights as a lawful basis for processing. The consent-based mechanism is just one lawful basis for processing but the most debated. This is primarily around the slow abolition of opt-out consent as a legitimate mechanism for obtaining consent. Continue reading
The issue centers around the extraction of data from mobile phones by the force. Software is used to download the files stored on the accessed mobile devices. NGO Privacy International is challenging the invasiveness and proportionality of the practice in harvesting personal data in the course of investigations.
The outcome of the case will have significant repercussions for mobile data privacy and mobile developments. Mobile privacy has been a hot topic issue since the US Apple vs. FBI encryption case in relation to the investigation of the San Bernadino Shootings in 2016. We will have coverage of the case once judgment is handed down.
The use of facial recognition software (“FRS”) in security and monitoring was thrust into the spotlight by the London Mayor Sadiq Khan, taking issue with a London developer over its installation in a King’s Cross site. In this post on the Privacy Perspective we consider the privacy and data protection issues with integrating FRS into security systems, an issue currently before the courts. Continue reading
The European Data Protection Board issued a statement on 13 March 2019 urging the European Authorities to implement the new ePrivacy Regulation (the “Regulation”).
The Regulation itself sits alongside the existing GDPR framework and focuses on email marketing and cookies consent.
Debate has been generated around the extent to which the Regulation and the GDPR practically sit alongside each other to ensure that the, now onerous, data protection regime does not duplicate obligations. The Panopticon Blog has an excellent post covering this issue from Robin Hopkins. Continue reading