Happy Data Privacy Day 2021!

Annually on 28 January, Data Privacy Day (or, if you prefer, Data Protection Day) is an “international effort to create awareness about the importance of respecting privacy, safeguarding data and enabling trust”.

We take the opportunity to highlight a number of key current issues with data protection.

1. The EU / UK Trade Agreement: Three myths busted – Privacy and data protection
   Still reeling from the Brexit deal done on Christmas eve? The media (and social media in particular) are myth-ridden. Here, we consider and bust some myths related to privacy and data protection.
2. Post-Brexit – data transfers
   As the UK and the EU reached a deal on Brexit, we provide a high level summary of the position on data transfers as from 1 January 2021.
3. New – Standard Contractual Clauses
   Standard Contractual Clauses (SCCs) are the most commonly used mechanism to authorise transfers of personal data from the UK / EEA. We take a look at the proposed new SCCs and find some interesting developments.
4. New guidance for international transfers post-Schrems II
   In July 2020, the European Court of Justice  thoroughly shook up the international data transfer regime when handing down its decision in the Schrems II case. We look at the European Data Protection Board guidance on handling cross-border data transfers post-Schrems.
5. AI and data protection – uncomfortable bedfellows? 
   Artificial intelligence (AI) has been around for a long time. However, it is only fairly recently that we have seen its use spread into our daily lives. With the gradual uptake of AI, one might wonder what the GDPR has to say on the matter. We look at some of the key data protection issues.
6. ICO resumes investigation into Adtech 
   On 22 January 2021 the ICO announced that it was resuming its investigation into the AdTech sector. The ICO’s initial views were that RTB is unlawful. It can be expected that the ICO will issue assessment notices to specific companies in the coming months.  We look at the key issues.
7. Lessons learned from BA, Marriott and Ticketmaster fines
   The Information Commissioner’s Office (ICO) recently fined British Airways (BA), Marriott International (Marriott), Ticketmaster £20 million, £18.4 million and £1.25m respectively for failures to keep customers’ personal data secure.  We look at lessons to be learned.
8. Covid-19 and WFH – can you monitor your employees under GDPR?
   The pandemic has resulted in a seismic shift in the number of employees working from home. A question which often arises is: can employers use technology to monitor employees work patterns? We set out some of the key data protection considerations.
9. Six data protection steps for returning to the workplace
   As lockdown restrictions may ease in the coming weeks / months, we look at the key steps organisations need to consider in relation to the use of personal information.
10. Do you need to register under the Data Protection Act?
    One of the most-read items on our website! Maybe it’s because it could save you from a fine up to £4,350.  While that’s not in the same league as GDPR fines generally, it’s easily avoided by making sure your ICO registration is up to date.

Contact us

If you have any questions about these issues in relation to your own organisation, please contact a member of the team or speak with your usual Fox Williams contact.