data protection

Data protection bits

Ring doorbells, audio and video monitoring equipment, data protection, and suspiciously long raincoats

- Posted in data protection by
Have you put up, or are thinking of putting up, audio and video recording equipment around and outside your home? Then this post is for you. It's about a decision of the Oxford County Court, for Read more

How to handle data subject access requests under the UK GDPR

- Posted in data protection by
This blog post is a short(ish) guide to the core issues in handling subject access requests under the UK GDPR. If you have received a request and you are not sure where to start, this will help you Read more

Personal data breach reporting for service outages (such as when your CDN is down)

- Posted in data protection by
(CDN: content delivery network. Such as Akamai.) Even though it is not obviously within the scope of the definition of "personal data breach", guidance from both the UK's regulator and the European Read more

The UK is adequate (for data protection purposes)

- Posted in data protection by
The long-running saga as to whether the United Kingdom will be considered "adequate" from a data protection point of view has reached an important, and probably welcome to many, point: today, the Read more

The new standard contract clauses: what you need to know right now

- Posted in data protection by
The European Commission has published a new set of standard contract clauses. They're also in the Official Journal, as of 7 June 2021. If you are subject to the GDPR and you are involved — whether Read more

Understanding the Data Protection Act's national security and defence exemption

- Posted in data protection by
1 This post covers the Data Protection Act 2018's national security and defence exemption. Most controllers will never need to rely on this but, if you do, it's a useful provision, and one which you Read more

The territorial scope of the GDPR, as applied by the High Court

- Posted in data protection by
1 This week saw what is, I believe, the first English judgment dealing with the territorial scope of the GDPR. This blogpost is a reminder of the rules on "territorial scope", and weaves in the High Read more

Alternatives to using genuine phone numbers, IP addresses, domain names and email addresses in your training and documentation

- Posted in data protection by
If you are preparing training or guidance, showcasing your product or service, or giving code samples, you'll often want example data, such as a phone number, email address, or National Insurance. (I Read more

ICO: data sharing code of practice

- Posted in data protection by
The ICO has released its Code of Practice on Data Sharing, under the GDPR / Data Protection Act 2018. For ease of reference, here's the draft version of the Code, on which the ICO consulted. The Code Read more

The UK/EU Trade and Cooperation Agreement and data protection: what you should do now

- Posted in data protection by
I know it's Christmas. And I know I'm supposed to be on holiday. But I also know that some of you have been planning for, or even just worrying about, what you need to do to prepare for the end of Read more