As reported in a must-read analysis, the Information Commissioner’s Office has for only the second time in its history successfully prosecuted individuals under the Computer Misuse Act 1990 in order to impose harsher criminal penalties for unauthorized access to personal data (including but not limited to prison sentences and confiscation orders) than are available

In case you missed it, below is a summary of recent posts from CPW.  Please feel free to reach out if you are interested in additional information on any of the developments covered.

Merely Monitoring App Activity Data Does Not Support a Claim Under California’s Invasion Of Privacy Act, But Is It Sufficient To Allege

CPW has previously covered how companies are increasingly turning to consumer arbitration agreements to limit litigation exposure.  While an arbitration agreement does not allow a defendant to avoid a lawsuit outright, it does provide an escape mechanism from the public scrutiny and cost of litigation.  Issues concerning application of arbitration agreements continue to come up

In the wake of CPW’s must-read four part series on the European Data Protection Board’s (“EDPB”)  draft “Guidelines 07/2020 on the concepts of controller and processor in the GDPR,” we have a follow up on important documents that have recently been released relating to rules governing the transfer of EU personal data.  These

Lydia de la Torre is a frequent CPW contributor with deep insight and knowledge on cutting edge developments in data privacy and cybersecurity.  For some of the fantastic pieces she has co-authored recently, see here and here.  Well, we are very pleased to share that the legal publication Daily Journal has selected Lydia among