General Data Protection Regulation Archives

21.12.20

I have been served with a Production Order. What should I do?

A Production Order requires a person to provide material in their possession to an appropriate officer or to allow access to the material. Production Orders can be obtained by the Police, Her Majesty’s Revenue and Customs (HMRC), the National Crime Agency (NCA), the Serious Fraud Office (SFO) and other authorities deemed to be ‘appropriate officers’….

21.05.20

EasyJet victim of massive cyber attack

EasyJet has reported to the Information Commissioner’s Office (‘ICO’) and the National Cyber Security Centre that is has been the subject of a ‘highly sophisticated’ cyber security breach affecting close to 9 million customers. It became known to the airline in January 2020 that sensitive data, including email addresses, travel details and credit card details…

16.10.18

Consumer website says “no thanks” to the GDPR and the EU

In the months that led up to the GDPR coming into force on 25 May 2018, as we readied ourselves to enter into a brave new world of enhanced regulation that sought to afford better protection of our personal data, we were all asked the same question over and over again: “Are you prepared for…

9.09.18

BA hit by massive data breach

British Airways (‘BA’) has reported that between 10.58pm on 21 August and 9.45pm on 5 September 2018, it was the victim of a ‘sophisticated, malicious’ cyber attack resulting in the theft of personal and financial data belonging to up to 380,000 customers who booked flights via the BA app and website during that time period….

3.09.18

Air Canada data Leak could result in hefty fine and lead to claims

Air Canada has reported that their app has been subject to a data breach resulting in the theft of data from around 20,000 accounts. It states that it detected unusual activity between 22 and 24 August 2018 and as a precaution locked all 1.7 million accounts held with the company. The source of the breach…

18.07.18

Independent Inquiry into Childhood Sexual Abuse fined £200,000 for email data leak

The Information Commissioner’s Office (the ICO) has fined the Independent Inquiry into Childhood Sexual Abuse (IICSA) £200,000 following a data leak on 27 February 2018. The leak occurred when a member of staff sent a ’round-robin’ email, but mistakenly used the ‘to’ field instead of the ‘bcc’ field, inadvertently disclosing the email addresses of 90 individuals…

17.07.18

Lexis Nexis Interview: UK data protection watchdog intends to impose maximum fine on Facebook

The information Commissioner’s Office (ICO) has published two reports detailing its investigation into the use of data analytics in political campaigns. The first report includes proposals to fine Facebook £500,000—the maximum allowed—for two alleged breaches of the Data Protection Act 1998 (DPA 1998), while the other includes a recommendation for the government to introduce a statutory Code of Practice…

28.06.18

Ticketmaster customer data leak could lead to GDPR claims

Ticketmaster has notified up to as many as 40,000 UK customers that their personal and payment information may have been accessed by an unknown third party. It says that on 23 June 2018 it identified malicious software on a customer support product hosted by a third party supplier. It is understood that the customers affected…

16.03.18

Forthcoming ‘right to be forgotten’ cases and the interplay with the GDPR

With a number of high-profile claims against Google in the offing, practitioners and individuals alike are hopeful for guidance on the interplay between the application of the ‘right to be forgotten’ principle and the forthcoming introduction of the General Data Protection Regulation (GDPR). Iain Wilson, managing partner of Brett Wilson LLP, considers the issues at…

12.10.17

Fines for data breaches and the General Data Protection Regulation

Much has been made of the imposition of the General Data Protection Regulation (“GDPR”), to be integrated into UK law via the Data Protection Bill (“DPB”), in anticipation of its coming into force on 25 May 2018. The rationale behind the GDPR is to provide a legal framework that acknowledges the sensitivity of personal data…

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Recent posts

All posts

I have been served with a Production Order. What should I do?

EasyJet victim of massive cyber attack

Consumer website says “no thanks” to the GDPR and the EU

BA hit by massive data breach

Air Canada data Leak could result in hefty fine and lead to claims

Independent Inquiry into Childhood Sexual Abuse fined £200,000 for email data leak

Lexis Nexis Interview: UK data protection watchdog intends to impose maximum fine on Facebook

Ticketmaster customer data leak could lead to GDPR claims

Forthcoming ‘right to be forgotten’ cases and the interplay with the GDPR

Fines for data breaches and the General Data Protection Regulation

Legal Disclaimer