At a glance The ICO has issued an enforcement notice which provides valuable insights into its approach to the use of biometrics in the workplace, and the lawfulness of employee monitoring activities more broadly. On 23 February 2024, the Information Commissioner’s Office (ICO) ordered Serco Leisure Operating Limited (Serco), an operator of leisure facilities, to […]
Enforcement against the use of biometrics in the workplace Read More »
The Information Commissioner’s Office (ICO) is calling for views on data protection and employment practices to help them shape their upcoming guidance products which will see existing guidance replaced with “a new, more user-friendly online resource with topic-specific areas”. DLA Piper’s employment group will be submitting a response to the ICO’s call for views and
The Court of Justice of the European Union (CJEU) has given its preliminary ruling in Schrems II – Data Protection Commissioner v Facebook Ireland Limited and Maximillian Schrems (Case C-311/18) in which it strikes down the EU-US Privacy Shield as a mechanism for transferring employees’ personal data to the US, on the basis that the
EU-US Privacy Shield is no more. What now for employers After Schrems II? Read More »
Today the Supreme Court allowed an appeal in Morrisons v Various Claimants[1], a significant judgment addressing the extent of an employer’s liability for data breaches maliciously committed by an employee. The Supreme Court held that: The earlier judgments of the High Court and Court of Appeal had misunderstood the principles governing vicarious liability. In particular,
Two recent cases involving data protection have recently been in the spotlight. In WM Morrisons Supermarkets PLC v Various Claimants, the Court of Appeal dismissed Morrisons’ appeal against the High Court’s decision that Morrisons was vicariously liable for the deliberate disclosure by an employee of his co-workers’ personal data on the internet. Unless there is
Data protection cases in the spotlight Read More »
The countdown is on to the implementation of the GDPR on 25 May 2018. With less than one month to go, many employers will be finalising their preparation for the changes the new law will bring to data protection in the workplace. For those employers finalising their preparations, it may be time to check in
Less than one month to go until GDPR: Are you ready? Read More »
On 14 September the UK Government published the draft Data Protection Bill, to replace the Data Protection Act 1998 (DPA) and supplement the forthcoming General Data Protection Regulation (GDPR) in certain key areas. Our earlier Blog Entry provided an overview of the Bill. In this article we highlight the specific impact of the Bill on
Data Protection Bill: impact on employee data Read More »
Yesterday the Government published the draft Data Protection Bill which will replace the Data Protection Act 1998, supplement the General Data Protection Regulation in certain areas and provide more detail on how the GDPR will be enforced in the UK . DLA Piper’s Privacy team has published a blog post on their Privacy Matters blog
Draft Data Protection Bill published Read More »
The recent decision of the European Court of Human Rights in Barbulescu v Romania (see our Be Aware blog post of 7 September) has placed the spotlight once more on the extent to which employers are permitted to monitor their employees’ communications and activities. The adoption of new information technologies in the workplace allows for
Monitoring employees: Guidance on privacy in the workplace Read More »
On 7 August 2017, Government publishes its Statement of Intent (SoI) on ‘A new Data Protection Bill: Our planned reforms’. The SoI states that implementation of the GDPR and repeal of the Data Protection Act (DPA) will be done in a way that so far as possible preserves the concepts of the DPA to ensure
Government publishes Statement of Intent on proposals for new data protection laws Read More »
In the latest in our series of briefings on preparing for GDPR, we focus on the steps necessary to implement a GDPR compliance programme. With only one year to go until GDPR comes into force on 25 May 2018, it is vital that organisations take action now to ensure that they are ready to comply
How to prepare for GDPR: Implementing a compliance programme Read More »
In the next of our series of briefings on the General Data Protection Regulation (GDPR) we focus on some more of the practical impacts of GDPR on the employment relationship and what businesses can do to manage these and prepare for implementation by May 2018. Data subject access requests Under the GDPR, employees will have
Practical impacts of GDPR on the employment relationship Read More »
The General Data Protection Regulation (GDPR), due to come into force throughout the EU including the UK on 25 May 2018, will force through a culture change in terms of attitudes to data privacy, according to the Information Commissioner Elizabeth Denham. Speaking at the Data Protection Practitioners’ Conference 2017, Denham warned that organisations risking damaging
Earlier this month, the European Commission (EC) voted to adopt the final version of the new EU/US data protection scheme, the Privacy Shield, which provides a mechanism for the valid transfer of personal data from the EU to the US. The scheme was approved simultaneously by the US Department of Commerce (DoC). The Privacy Shield
Privacy Shield adopted by European Commission and US Department of Commerce Read More »
The Information Commissioner’s Office (ICO) has published an Overview of the European General Data Protection Regulation (GDPR) for organisations. The changes anticipated by GDPR are wide-ranging and require a cross-organisational compliance framework that will take time to assess and implement effectively. Organisations which process data within the UK should start their planning now if they
© 2024 DLA Piper. DLA Piper is a global law firm operating through various separate and distinct legal entities. For further information about these entities and DLA Piper's structure, please refer to the Legal Notices page. All rights reserved. Attorney advertising.
