Category: News

The Court of Appeal’s conclusion that the ‘Immigration Exemption’ in Schedule 2 to the DPA 2018 is not compliant with the GDPR creates two data protection headaches for Government. First, the Court’s method of determining the illegality of the immigration exemption (i.e. that the safeguards in Article 23(2) of the GDPR were missing from the UK’s DPA2018),  applies to ALL exemptions in Schedules 2 to 5.  So does this mean ALL exemptions in the DPA2018 are equally unlawful? Second, if

When I posted the blog on the return of the database state via the National Fraud Initiative (NFI), I knew I was going out on a limb.  Afterall, if one criticises a key Government initiative for being incredibly invasive of privacy, one hardly expects to be awarded two or three “back-of-the-hand” COVID contracts as a “thank you”. So it is a relief that the ICO’s response to NFI consultation on data matching (just published) has come to similar conclusions (see

The Government propose to expand the data matching capability of the Cabinet Office as legitimised by the Local Audit and Accountability Act 2014.  Data matching (and the associated data sharing) is to be extended from its current anti-fraud base to include any other criminal activity, debt recovery and data quality (e.g. improving accuracy of personal data). The proposals are described in a document entitled “Consultation on the expansion of the National Fraud Initiative Data Matching Powers” which also includes a

Can I wish blog readers a belated “Happy New Lockdown”. This blog considers two issues (a) the adequacy arrangements in the EU-UK Trade Agreement (the “Agreement”) and (b) electronic marketing provisions in the Agreement which might sink the “soft opt-in”. But first a reminder for readers to refer to the UK_GDPR and EU_GDPR from now on.  These two GDPR variants are established by the “Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019” (the “Brexit DP Regs”)

In the next three weeks, there will either be a trade agreement with the European Commission (EC) or no trade agreement.  As a sophisticated Barnsley fan, I have unshakeable faith in my abilities to recognise that one of these two outcomes will be correct. If there is a trade agreement, I suspect the EC will chuck in an adequacy agreement with the UK with the caveat that it is subject to review by the Council of Ministers, European Data Protection

The Government has published six Principles that govern the development of its digital identity policy.  As most governmental departments and businesses are providing more online services (encouraged by COVID), a citizen’s ability to prove his or her identity digitally is becoming more important (e.g. to facilitate interaction with Government or to authorise electronic payments). The six digital identity Principles are: “Privacy, Transparency, Inclusivity, Interoperability, Proportionality”  and “Good Governance” and can be found in Section 4.2  of a 5,000+ word text

The Glorious Twelfth is the date when land-owners of moorland estates celebrate the start of the grouse shooting season; August 12 this year was about the time the Information Commissioner (IC) became “fair game” for many commentators. The IC’s detractors fall into two groups.  In the blue corner is the Conservative supporting Press (e.g. Daily Mail, Telegraph and The Sun);  Newspapers that have been critical of the IC’s prolonged absence from the UK.   Also in the blue corner (but silent