Cyber Insurance, Privacy and Data Security Newsletter – July 2018

Cyber Insurance, Privacy and Data Security Newsletter – July 2018's Tags

Tags related to this article

Cyber Insurance, Privacy and Data Security Newsletter – July 2018

Published 12 July 2018

Data Protection Act, GDPR and E-Privacy Regulations

The last few weeks have seen data protection laws radically overhauled in the UK and across Europe. The long-awaited General Data Protection Regulations finally became directly applicable in all Member States on 25 May 2018 and the majority of the Data Protection Act 2018 came into force on the same date, amid wide-spread concerns in the lead-up that it would not receive parliamentary approval in time.  

Please click here for more information on the GDPR, the DPA 2018 and the EU's ePrivacy Regulation, which is still being finalised and it is now expected to come in next year.

ICO update GDPR Guide 

Understanding the implications of this new legislation for data controllers, data processors and individuals has been some-what perplexing but the UK's ICO is helping by issuing frequent updates to its GDPR Guide and guidance notes. Also, the European Data Protection Supervisor (EDPS), which replaces the old Article 29 Working Party, has been busy issuing updates and preparing draft guidelines for consultation.  

Please click here for further information on the ICO and EDPS guidance.    

Costs Lessons from Morrisons

Other news is that Morrisons has appealed the decision Various Claimants v Morrisons to the Court of Appeal on the issue of whether the supermarket is vicariously liable for the deliberate misuse of personal data by its disgruntled employee who intended to cause it harm. This appeal is expected to be heard in October 2018. 

Meanwhile, the High Court has handed down its costs judgment relating to the first instance decision. Emphasising the importance of pleading arguments in a proportionate and focussed way and not indulging in tenuous or fanciful arguments, the judge awarded the Claimants only 40% of their costs claim. This was to reflect that the Claimants were unsuccessful in their argument that Morrisons was directly liable for the data leak; an argument that went to 13 of the 14 issues at trial. 

Our full commentary on the costs decision is here.

TLT appeal: Court of Appeal unwilling to disturb High Court's findings of fact in privacy breach decision

The Court of Appeal has also ruled on the appeal in Secretary of State for the Home Department v TLU and TLV concerning the liability of the Home Office to pay distress compensation to individuals who were not named but whose identity could be inferred from asylum data accidentally disclosed on its website. The Court of Appeal was unwilling to interfere with the trial judge's findings of fact that individuals could be identified as asylum seekers by third parties.

Please click here for our full article on the decision.  

ThreatInformer Cyber Threat Advisory – July 2018

Websites without HTTPS will be labelled “Not Secure” by Google Chrome this month. With over 50% of website visitors using Chrome, it could have a significant business impact.

Please click here to read the full article.

And finally...

Our new Breach Response Planner has completed its Beta testing stage and will be available shortly. This will allow organisations of all sizes to ensure that they have a comprehensive plan in the event of a data breach. More details about the Planner will follow shortly but please feel free to contact us should you require further information in the meantime.

Authors

Hans Allnutt

Hans Allnutt

London - Minster Court

+44 (0) 20 7894 6925

Patrick Hill

Patrick Hill

London - Minster Court

+44 (0)20 7894 6930

Joseph Fitzgerald

Joseph Fitzgerald

London - Minster Court

+44(0)20 7894 6875

Laura Stewart

Laura Stewart

London - Minster Court

+44 (0)20 7894 6984

Lorraine Ekong

Lorraine Ekong

London - Fetter Lane

+44(0)20 7894 6048

< Back to articles