Real estate and ethical data use

Is consent the hallmark of ethical data use in a real estate context? Read the RED (Real Estate Data) Foundation discussion paper. Read more

  NEWS

Jun 21, 2022

Upcoming Data Reform Bill "to give Parliament and Government greater oversight" of Information Commissioner's Office

The Government has set out plans to reform the Information Commissioner's Office (ICO) that will give Parliament and the Secretary of State greater oversight of the data regulator and broaden the legal responsibility underpinning its work.
May 25, 2022

ICO imposes £7.5m monetary penalty on facial recognition database company and orders UK data to be deleted

Clearview AI has been hit with a monetary penalty of £7,552,800 for using images of people in the UK and elsewhere collected from the web and social media to create a global online database that could be used for facial recognition, following an investigation by the Information Commissioner's Office (ICO).
May 25, 2022

Information Commissioner’s Office still wrestling with Covid-19 related delays

The Information Commissioner’s Office (ICO) has said the number of active cases it is handling involving Freedom of Information (FOI) complaints is still up by around 80% compared to its pre-pandemic case rate.
May 24, 2022

National Housing Federation updates guidelines on ‘Commitment to Refer’ in bid to address data protection concerns, overcome barriers

The National Housing Federation (NHF) has updated the ‘Commitment to Refer’ guidelines to clarify the process around consent.
May 05, 2022

Freedom of Information Act does not allow aggregation of separate public interests in maintaining different exemptions when weighing them against public interest in disclosure: Upper Tribunal

The Freedom of Information Act 2000 (“FOIA”) does not permit aggregation of the separate public interests in favour of maintaining different exemptions when weighing the maintenance of the exemptions against the public interest which favours disclosure of the information sought, the Upper Tribunal has ruled.
Apr 29, 2022

Judges dismiss legal challenge over use of WhatsApp and other non-government communications systems for government business

The Divisional Court has rejected a legal challenge over the use by ministers, civil servants and unpaid advisers of non-Government communications systems such as WhatsApp, Signal and private email for Government business.
Apr 25, 2022

Upper Tribunal ruling reveals eight cases where contempt applications made to First-Tier Tribunal over alleged failure to comply with earlier FTT freedom of information decisions

A recent Upper Tribunal ruling has revealed the existence of eight cases where the First-tier Tribunal (General Regulatory Chamber) (Information Rights) joined the Information Commissioner as a respondent to contempt applications made in respect of alleged failures by a party to meet obligations imposed on it by earlier FTT decisions, it has emerged.
Apr 20, 2022

Improper Local Authority Designated Officer referral impacted vetting of police officer, Ombudsman finds

A Buckinghamshire Council social worker has been found at fault after she made an improper Local Authority Designated Officer (LADO) referral which caused difficulties for a foster parent who was also a police officer, an investigation by the Local Government and Social Care Ombudsman has found.
Apr 19, 2022

High Court set to consider contempt of court finding against council over failure to comply with Tribunal FOI decision

The First-tier Tribunal (General Regulatory Chamber) Information Rights has certified an offence of contempt by the Royal Borough of Kingston-upon-Thames to the High Court of failing to comply with the terms of a Tribunal decision in relation to a freedom of information request.
Apr 14, 2022

Council employee who leaked address of sex offender fined

An ex-employee of Hull City Council who disclosed a sex offender's address to a vigilante group has been fined £500.
Mar 31, 2022

Tribunal rejects legal challenge over non-disclosure of Government submissions to Independent Review of Administrative Law

The First Tier Tribunal (FTT) has ruled that the Government is allowed to withhold from publication evidence submitted by ministers to the Independent Review of Administrative Law.

  FEATURES AND ANALYSIS

June 10, 2022

ICO fines “World’s largest facial network”

The Information Commissioner’s Office has issued a Monetary Penalty Notice of £7,552,800 to Clearview AI Inc for breaches of the UK GDPR. Ibrahim Hasan looks at the background to the case.
May 20, 2022

The Data Reform Bill

Ahead of publication of the Data Reform Bill, Ibrahim Hasan sets out the changes can we expect to the UK GDPR.
May 06, 2022

Data breach litigation — more useful High Court guidance

The High Court has provided further guidance on two important issues in data breach claims, writes Peter Wake.
May 06, 2022

Cyber Security Breaches Survey 2022

Ibrahim Hasan sets out what data protection officers need to know about cyber breaches.
May 03, 2022

A room with a view

Andrew Latham, Serena Patel and Lauren Danks set out some legal considerations for landlords regarding the use of Ring cameras and other domestic CCTV.
April 29, 2022

Top Tips for Local Authority Lawyers advising on Data Protection Matters

Charlotte Smith and Hannah Peto set out some of their top tips to consider when advising on data protection matters.
April 08, 2022

New US-EU data transfer announcement: time to celebrate?

On 25 March 2022, the European Commission and the United States announced that they have agreed in principle on a new Trans-Atlantic Data Privacy Framework. Ibrahim Hasan looks at its potential impact.
April 04, 2022

Social housing and data breaches

Do you know what to do if your housing association has a data breach? Clare Paterson explores the risks of a data breach in social housing, and how you can reduce and manage those risks.
Slide background

Sponsored Editorial

  MORE NEWS

Mar 23, 2022

Council refers itself to Information Commissioner following data breach involving home-schooled children

The Isle of Wight Council has referred itself to the Information Commissioner's Office after mistakenly sending an email to the parents of home-schooled children that included the personal details of 90 students.
Mar 18, 2022

Email error sees London borough mistakenly circulate names and addresses of 45,000 residents

Wandsworth Council has said it is "seeking advice from the relevant data authorities" and is prepared to act on any guidance they provide, after 45,000 emails to voters notifying them of their polling station were sent to the wrong email address.
Mar 14, 2022

Local authority senior solicitor and surveillance law expert joins Act Now Training

Naomi Matthews, a Senior Solicitor and a co-ordinating officer for RIPA at a large local authority in the Midlands, has joined Act Now Training as an associate.
Jan 28, 2022

High Court rejects claim council was vicariously liable after employee on “frolic of her own” leaked social care records

Luton Borough Council was not vicariously liable for the acts of an employee who leaked sensitive data about a woman and her children, in what a High Court judge called a "classic case" of the employee being on a "frolic of her own".
Dec 20, 2021

Ministry of Justice hit by legal challenge over refusal to publish Government department submissions to Independent Review of Administrative Law

The Public Law Project (PLP) has initiated a legal challenge in the First Tier Tribunal against the Information Commissioner’s decision not to require the Ministry of Justice to disclose evidence submitted by central government departments to the Independent Review of Administrative Law, the panel which informed Government proposals on judicial review.
Dec 20, 2021

ICO consults on documents underpinning its approach to upholding information rights

The Information Commissioner’s Office (ICO) has launched a consultation on how it regulates the laws it monitors and enforces.
Dec 02, 2021

Information watchdog hits Cabinet Office with £500k monetary penalty over New Years Honours list data breach

The Information Commissioner's Office (ICO) has issued the Cabinet Office with a £500,000 monetary penalty for disclosing the postal addresses of the 2020 New Year Honours recipients online.
Nov 18, 2021

High Court judge orders transfer to County Court of "trivial" data protection breach claim against housing association

A claim against a housing association for a data breach is too trivial for the High Court and should be heard in a county court, a judge has said.
Oct 21, 2021

Information Commissioner expresses concern at risk to regulatory independence from data reforms

Outgoing UK Information Commissioner Elizabeth Denham has called on the Government to rethink plans that she fears would comprise the independence of the Information Commissioner’s Office.
Oct 07, 2021

Search of personal documents of former Health and Social Care Secretary to be carried out, to challenge contract awards to Abingdon Health

Mr Justice Fraser has ordered a search of former Health and Social Care Secretary Matt Hancock’s personal emails and social media apps.
Sep 10, 2021

Government issues consultation on reforms to data regime and information watchdog

The Department for Digital, Culture, Media and Sport (DCMS) has launched a consultation on a revamped data regime including proposals for reform of the Information Commissioner’s Office.
Sep 06, 2021

Local authority ordered to pay mother fleeing ex-partner £10k in compensation following data breach

Hampshire County Council should pay £10,000 in compensation after a mother who was fleeing her ex-partner had her address exposed in a data breach, Portsmouth Magistrates' Court has ruled.
Aug 31, 2021

Civil liberties groups demand ban of use of facial recognition technology by police

Liberty, Privacy International and 29 other organisations have called for Parliament to ban the use of live facial recognition technology (LFRT) by the police and private companies.
Aug 26, 2021

Government confirms plans to consult on future of data protection regime, role of Information Commissioner’s Office

The Government has confirmed that it will consult in the coming weeks on the future of the UK’s data protection regime, saying it wants to “make it even more ambitious and innovation-friendly while still being underpinned by secure and trustworthy privacy standards”.
Aug 19, 2021

Campaigner cleared after arrest for publishing documents from council housing organisation

A local campaigner was arrested after downloading and tweeting documents he found online concerning board meetings and other affairs of Leathermarket Community Benefit Society, a community-led organisation whose purpose is to provide council homes for local residents in severe housing need.
Aug 17, 2021

Information watchdog calls for views on employment practices and data protection

The Information Commissioner’s Office has issued a call for views as it looks to update its Employment Practices guidance.
Aug 09, 2021

Council defeats tribunal bid by FOI requester for legal advice on power to issue excess charge notices over off-street car parking and to pursue criminal prosecutions for contraventions

The First-tier Tribunal has refused a request for the disclosure of legal advice obtained by a city council on the correct use of its car parking enforcement powers, and clarified how the public interest balance should be assessed in cases where the legal professional privilege exemption in s.42(1) of the Freedom of Information Act is involved.
Aug 04, 2021

Information watchdog issues guidance for public sector bodies on application of direct marketing rules

The Information Commissioner’s Office (ICO) has published a new resource to help public sector organisations understand when the direct marketing rules will apply to their messages.
Jul 22, 2021

Information on selection of academy trust to run schools should be disclosed, tribunal judge finds

Hertfordshire County Council was wrong to withhold information on how an academy trust was chosen to provide schools in Bishop's Stortford and the Information Commissioner had been wrong to agree with the council’s arguments.
Jul 20, 2021

Campaign group calls for public register of algorithms used by councils, files complaint with Information Commissioner

Campaign group Big Brother Watch has hit out at councils’ use of algorithms, claiming that most of those it had uncovered were “secretive, unevidenced, incredibly invasive and likely discriminatory”.
Jul 07, 2021

ICO launches formal investigation into use of private email accounts at Department of Health and Social Care

The Information Commissioner’s Office has launched an investigation into the use of private correspondence channels at the Department of Health and Social Care.
Jun 25, 2021

Tribunal upholds decision by council to refuse to disclose views of independent persons on complaint about councillor

The First-Tier Tribunal has dismissed a legal challenge to a district council’s decision to refuse, in response to a freedom of information request, to provide the views of two independent persons on a complaint about the conduct of a councillor.
Jun 24, 2021

Councils reported 700+ data breaches to Information Commissioner in 2020: report

UK councils reported an estimated 700+ data breaches to the Information Commissioner’s Office in 2020, according to research by cyber security services company Redscan.
Jun 18, 2021

Investigation of organisations using live facial recognition technology in public spaces found none compliant with data protection law: ICO

An investigation by the Information Commissioner's Office (ICO) published today (17 June) found that out of a group of organisations using live facial recognition (LFR) technology in public spaces, none were fully compliant with data protection law requirements.
May 24, 2021

Groups crowd fund £43k+ for legal challenge over disappearing message apps and conduct of government business

Two organisations have raised more than £43,000 towards a legal action over the potential use of disappearing message apps to conduct government business.

  MORE FEATURES

March 25, 2022

Dealing with cyber-attacks

A law fiirm was recently fined for a GDPR breach. So what went wrong? Ibrahim Hasan looks at the lessons to be learned.
March 18, 2022

Changes to data protection law

Changes to UK data protection law could be quicker and more profound than we thought. Eleonor Duhs examines how the Brexit Freedoms Bill could make fundamental changes to retained EU law, including the UK GDPR.
February 18, 2022

Vicarious liability and leaks of sensitive data

A High Court judge recently rejected a claim that a council was vicariously liable after an employee on a “frolic of her own” leaked social care records. Jack Harding explains why.
December 10, 2021

Requiring the Information Commissioner to progress data breach complaints

The Upper Tribunal has clarified powers to require the Information Commissioner to take “appropriate steps” to progress complaints of a data protection breach, write Maya Lester QC and Jacob Rabinowitz.
December 10, 2021

FOI under attack

Last week, a government minister called the Freedom of Information Act (FOI) a “truly malign piece of legislation”. Ibrahim Hasan looks at what the comments tell us.
December 02, 2021

Adequacy Decision Granted to the UK

Charlotte Smith considers two recent adequacy decisions and explains how this affects existing data practices.
November 26, 2021

Law enforcement processing and the meaning of “authorised by law”

In October, there was a decision in the Scottish courts which will be of interest to data protection practitioners and lawyers when interpreting Part 3 of the Data Protection Act 2018 (law enforcement processing) and more generally the UK GDPR, writes Alistair Sloan.
November 26, 2021

We need real decisions about artificial intelligence

The regulatory framework around the use of artificial intelligence by local authorities is inadequate but existing governance mechanisms can address concerns, writes Sue Chadwick.
November 19, 2021

Data protection for schools and higher education institutions

Matthew Wyard considers the right to access educational data via a subject access request (prompted by a recent issue in his caseload), and also the data protection obligations owed by further and higher education institutions (“HEIs”) in situations of crisis on campus.
November 17, 2021

Lloyd v Google

Ibrahim Hasan considers what data protection officers need to know from the landmark ruling from the Supreme Court.
October 29, 2021

Data protection claims: A guide for defendants

In the second in a series of articles, Matthew Wyard provides an overview of the types of claims brought for breaches of statutory duty under the UK GDPR and the Data Protection Act 2018 and explains how to go about considering the merits of any claims that are issued. He also considers how to address issues of quantum, and offers some practical hints and tips for dealing with claims.
October 22, 2021

Please, sir, I want some more

Ibrahim Hasan looks at the significant issues raised by the use of facial recognition in schools.
October 19, 2021

Data Protection: Current awareness issues for businesses

What are the key issues facing businesses and what protections can be put in place to avoid breaches? Barry Stanton, Emma O’Connor, and Amir Kousari discuss.
October 15, 2021

Ransomware attacks: a practical guide to survival

Matthew Wyard addresses the risk of a ransomware attack and considers the practical steps that an organisation needs to take to survive such an event.
September 24, 2021

Are you ready for UK GDPR 2.0?

Ibrahim Hasan sets out the key points from the Government's consultation on a revamped data protection regime.
August 19, 2021

Delivering 21st-century customer experience in the public sector

Rachel Buchanan examines how legal teams should support their authorities in delivering tailored services at a time of restrained resources.
August 13, 2021

Confidential information and subject access disclosure

Matthew Alderton reports on a case where a council was entitled to final injunctive relief to prevent the defendant from using confidential information that had been disclosed inadvertently.
August 06, 2021

Cyber-attacks, data breaches and causes of action

A recent High Court claim was based on a core allegation that the defendant had failed to protect the claimant’s data from a cyber-attack. Peter Wake looks at the lessons to be learned.
July 23, 2021

GDPR fines

The Information Commissioner's Office recently issued its first GDPR fine to a charity. Ibrahim Hasan examines the watchdog's track record of enforcement.
July 12, 2021

UK granted data protection adequacy decision

Charlotte Smith summarises the new data protection adequacy decision.
Slide background