As reported in a must-read analysis, the Information Commissioner’s Office has for only the second time in its history successfully prosecuted individuals under the Computer Misuse Act 1990 in order to impose harsher criminal penalties for unauthorized access to personal data (including but not limited to prison sentences and confiscation orders) than are available
In case you missed it, below is a summary of recent posts from CPW. Please feel free to reach out if you are interested in additional information on any of the developments covered.
Turning briefly to data privacy developments on the other side of the pond, in a draft adequacy decision reported to have been seen by the Financial Times, the European Commission (the “Commission”) is set to allow the continued free flow of data between the EU and UK, after confirming that the UK offers an adequate
CPW has previously covered how companies are increasingly turning to consumer arbitration agreements to limit litigation exposure. While an arbitration agreement does not allow a defendant to avoid a lawsuit outright, it does provide an escape mechanism from the public scrutiny and cost of litigation. Issues concerning application of arbitration agreements continue to come up
In the wake of CPW’s must-read four part series on the European Data Protection Board’s (“EDPB”) draft “Guidelines 07/2020 on the concepts of controller and processor in the GDPR,” we have a follow up on important documents that have recently been released relating to rules governing the transfer of EU personal data. These
This fall, the European Data Protection Board (“EDPB”) published the draft “Guidelines 07/2020 on the concepts of controller and processor in the GDPR.” This development matters for CPW readers as even if you are an entity doing business in the United States, if you collect any personal data of people in the EU
This fall, the European Data Protection Board (“EDPB”) published the draft “Guidelines 07/2020 on the concepts of controller and processor in the GDPR.” This development matters for CPW readers as even if you are an entity doing business in the United States, if you collect any personal data of people in the EU
This fall, the European Data Protection Board (“EDPB”) published the draft “Guidelines 07/2020 on the concepts of controller and processor in the GDPR.” CPW will be re-reposting a must-read four part series addressing the key concepts and issues covered. This development matters for CPW readers as even if you are an entity doing
If you are a reader of CPW, you have probably heard of the the General Data Protection Regulation (“GDPR”). The GDPR applies to companies outside the European Union (including, that is right, United States companies) because it is extra-territorial in scope. Which means, to overly generalize, if you collect any personal data of people in
Lydia de la Torre is a frequent CPW contributor with deep insight and knowledge on cutting edge developments in data privacy and cybersecurity. For some of the fantastic pieces she has co-authored recently, see here and here. Well, we are very pleased to share that the legal publication Daily Journal has selected Lydia among