Tag Archives: UK

The Information Commissioner’s Office Publishes a Consultation Paper on Profiling and Automated Decision-Making under the GDPR

By Inside Privacy on April 10, 2017 Posted in United Kingdom

By Dan Cooper and Rosie Klement On April 2, 2017, the Information Commissioner’s Office (“ICO”) released a consultation paper for UK organizations to comment on how the new profiling provisions under the General Data Protection Regulation (“GDPR”) could be interpreted and applied when the GDPR comes into force in May 2018. The public consultation on … Continue Reading

Company Receives Record Fine from UK Regulator For Cold Calling

By Mark Young and Helena Marttila-Bridge on March 1, 2016 Posted in Advertising & Marketing, United Kingdom

The UK’s data protection regulator, the Information Commissioner’s Office (“ICO”), has imposed a fine of £350,000 on Prodial Ltd (“Prodial”) for making over 46 million unsolicited automated telephone calls to generate leads in relation to payment protection insurance refunds. This is the highest fine issued by the ICO to date.… Continue Reading

EU DPA Enforcement Guidance Post-Schrems

By Mark Young, Monika Kuschewsky, Kristof Van Quathem and Joseph Jones on February 18, 2016 Posted in European Union

Industry eagerly awaits further guidance from data protection authorities (“DPAs”) relating to the EU-U.S. Privacy Shield as well as on the validity (or otherwise) of other mechanisms for transfers to the U.S. such as standard contractual clauses (“SCCs”) and binding corporate rules (“BCRs”). As we explained in recent posts (here and here), publication of an … Continue Reading

UK ICO Issues Largest Ever Fine In Connection With Automated Marketing Calls

By Mark Young and Joseph Jones on October 2, 2015 Posted in Advertising & Marketing, United Kingdom

The UK Information Commissioner’s Officer (“ICO”) has issued its largest fine to date in connection with using an automated calling system to make direct marketing calls. The ICO found that Home Energy & Lifestyle Management Ltd (“HELM”), a green energy company that made millions of automated marketing calls in relation to “free” solar panels, recklessly … Continue Reading

UK Government Launches Cybersecurity Service For Healthcare Organizations

By Mark Young and Phil Bradley-Schmieg on September 17, 2015 Posted in Cybersecurity, Data Breaches, Data Security, European Union, Health Privacy, United Kingdom

The UK government has announced a new national service providing expert cybersecurity advice to entities within the National Health Service (NHS) and the UK’s broader healthcare system. The project, called CareCERT (Care Computing Emergency Response Team), is aiming for a full go-live in January 2016. … Continue Reading

Updating Ofcom’s Guidance on Network Security – New Consultation

By Mark Young on December 20, 2013 Posted in Cybersecurity, European Union, United Kingdom

In light of growing concerns over cybersecurity and evolving technology and operational practices, Ofcom (the independent regulator and competition authority for the UK communications industries) is seeking views on whether its existing guidance on network security should be revised. Interested parties have until 21 February 2014 to respond. Depending on the responses received, Ofcom intends … Continue Reading

European Council Taps the Breaks–Adoption of EU General Data Protection Regulation Delayed

By Monika Kuschewsky on October 28, 2013 Posted in European Union

Only a few days after the leading parliamentary committee waved through the proposed amendments to the European Commission’s legislative proposal for a General Data Protection Regulation (see here and here), the EU Member States’ governments have decided to postpone the adoption of the Regulation to 2015. Germany and the UK, in particular, supported the delay, albeit … Continue Reading