Legal Alert is a monthly checklist from Atom Content Marketing highlighting new and pending laws, regulations, codes of practice and rulings that could have an impact on your business.
Displaying 1-49 of 49 results
New guidance: ICO publishes new guidance on monitoring of workers
- Nov 2023
Employees will welcome new guidance from the UK Information Commissioner’s Office (ICO) to help them comply with UK data protection rules if they monitor workers.
New guidance: ICO publishes draft guidance on data protection law for biometric data
- Oct 2023
Businesses using or considering using biometric data and technologies will welcome a first-phase draft of proposed guidance on the application of data protection law, published by the Information Commissioner’s Office (ICO).
New law: Businesses start checking website visitors can reject cookies easily
- Oct 2023
Businesses that fail to comply with rules requiring them to make it as easy for their website visitors to reject non-essential cookies as to accept them should consider amending their websites to ensure compliance, as the Information Commissioner’s Office (ICO) may be taking a stricter approach to enforcement in future.
Legal Alert - July 2023
- Jul 2023
A monthly checklist from Atom Content Marketing highlighting new and pending laws, regulations, codes of practice and rulings that could have an impact on your business.
New guidance: ICO issues new, free guidance on handling Data Subject Access Requests
- Jul 2023
Businesses, particularly employers, will welcome new guidance from the UK Information Commissioner’s Office (ICO) on dealing with Data Subject Access Requests by workers.
New guidance: Information Commissioner’s Office issues new draft guidance for online services children are likely to access
- May 2023
Organisations providing online services that children are likely to access will welcome new draft guidance from the Information Commissioner’s Office (ICO).
New law: Government publishes proposed new UK data protection laws
- Apr 2023
Businesses are monitoring new draft UK data protection laws intended to reduce data protection burdens on UK organisations.
New guidance: ICO publishes draft guidance on handling workers’ health information
- Feb 2023
Employers will welcome new guidance from the Information Commissioner’s Office (ICO), the UK's independent body responsible for upholding information rights, on handling personal data about workers’ health.
New guidance: ICO publishes guidance on transfers of personal data overseas
- Jan 2023
Businesses wishing to transfer UK personal data to recipients outside the UK will welcome new guidance from the UK Information Commissioner’s Office (ICO) on how to manage such transfers.
New guidance: ICO new guidance on marketing by electronic mail and phone
- Jan 2023
Organisations marketing by electronic mail and/or live phone calls will welcome new Information Commissioner's Office (ICO) guidances on direct marketing by these means.
New consultation: Employers consulted on draft ICO monitoring at work guidance
- Dec 2022
Employers now have an opportunity to comment on draft guidance on monitoring employees at work, issued by the Information Commissioner’s Office (ICO).
New guidance: ICO publishes help on handling data subject access requests
- Nov 2022
Businesses and other organisations will welcome a blog post from the UK Information Commissioner’s Office (ICO) containing key takeaways on how to handle data subject access requests (SARs).
New law: Government proposes significant changes to UK data protection laws
- Jun 2022
Businesses and other organisations are bracing themselves for proposed changes to UK data protection rules, which are currently modelled on the EU’s General Data Protection Regulations (GDPR), now that the UK has left the EU.
New guidance: ICO guidance helps employers ensure compliance with data protection laws as COVID restrictions end
- May 2022
Employers will welcome new guidance from the Information Commissioner's Office (ICO) designed to help them continue to comply with data protection laws now that COVID-19 restrictions have been removed.
New guidance: ICO issues guidance to help organisations handle data protection consequences of ransomware attacks
- May 2022
Businesses and other organisations will welcome guidance from the Information Commissioner’s Office (ICO) ‘Ransomware and data protection compliance’, aimed at helping them comply with their data protection obligations if they are the victim of a ransomware attack.
New law: Organisations face new UK standard contractual clauses to be used to protect personal data they transfer out of the UK
- Mar 2022
Organisations that transfer individuals’ personal data out of the UK to a country that the UK does not recognise as having adequate data protection laws need to reconsider which contractual clauses they use in their data transfer agreements, following the UK’s introduction of new standard clauses from 21 March 2022.
New schemes: Organisations considering certification under new data protection schemes
- Oct 2021
Organisations can now apply to be certified under three new schemes approved by the Information Commissioner’s Office (ICO), with certification providing evidence that they meet the standards set by each scheme and are handling personal data properly and lawfully when carrying out the activities covered by it.
Legal Alert - October 2021
- Oct 2021
A monthly checklist from Atom Content Marketing highlighting new and pending laws, regulations, codes of practice and rulings that could have an impact on your business.
New Code: Information Commissioner’s Office Code for providers of online services which children are likely to access goes live
- Sep 2021
Organisations providing online services to children up to 18, or online services that children are likely to access, should ensure they are now complying with the Age Appropriate Design Code published by the Information Commissioner’s Office (ICO), which took full effect from 2 September 2020.
New guidance: UK government updates data protection guidance in light of EU adequacy decision
- Aug 2021
The UK government has updated its guidance for UK organisations that receive and send personal data from and to the European Economic Area (the EU member states, plus Norway, Iceland and Liechtenstein) or which operate there, following the recent data protection adequacy decision by the EU.
Legal Alert - August 2021
- Aug 2021
A monthly checklist from Atom Content Marketing highlighting new and pending laws, regulations, codes of practice and rulings that could have an impact on your business.
New practice: Employers may need access to employees’ private phones, email, social media accounts, etc to satisfy data protection obligations
- Jun 2021
Employers whose employees are allowed to use their own phones, computers or tablets, private email accounts and messaging services, or personal accounts on social or business media such as Twitter, LinkedIn, WhatsApp or Instagram for work purposes should ensure they are able to require their employees to give them access to personal data held on those phones, accounts etc where this is required to comply with data protection laws.
New law: Businesses likely to be able to carry on moving personal data freely between the UK and the EEA
- Apr 2021
UK businesses whose operations require them to move personal data between the UK and the European Economic Area (EEA) will be relieved that the European Commission has published a draft ‘adequacy decision’ in relation to UK data protection law, making it increasingly probable that they will be able to continue to do so, even though the UK is no longer an EU member state.
New guidance: New guidance for employers dealing with COVID-related issues, including employees who refuse vaccinations
- Mar 2021
Employers will welcome new guidance from Acas, the government, and the Information Commissioner’s Office (ICO) to help them handle employment law and data protection issues arising from the COVID-19 pandemic, including how to deal with employees who do not want to get vaccinated.
New law: Issues for UK businesses transferring personal data about EEA individuals to the UK mount up as end of Brexit transition period approaches
- Oct 2020
Businesses that transfer personal data about individuals in the EEA (the European Economic Area, which means EU member states, plus Norway, Iceland and Liechtenstein) to the UK should be taking action now to prepare for the end of the Brexit transition period, when the UK becomes a ‘third country’.
Case law: Pharmacy fined £275k for storing records containing personal data in back yard
- Mar 2020
Businesses should take their responsibilities under data protection law seriously, ensure old records are dealt with lawfully and respond promptly to questions legally asked by the Information Commissioner’s Office, or risk significant fines.
Case law: Information Commissioner’s Office publishes code of practice for providers of online services which children are likely to access
- Mar 2020
Organisations providing online services to children up to 18, or online services that children are likely to access, should consider whether they are complying with a new age appropriate design code of practice published by the Information Commissioner’s Office (ICO).
Case law: Pre-ticked consent boxes on websites are not sufficient consent to use of personal data under EU laws
- Nov 2019
Website owners and operators must ensure that consent to the collection and use of personal data of their site visitors, required under EU data protection laws, are specific and express and given in relation to each relevant activity. Pre-ticked consent boxes do not amount to lawful consent, according to a recent ruling.
Case law: Data protection exemption for ‘journalistic activities’ is wider than just professional journalists’ activities
- Jun 2019
Individuals who secretly film and post videos on YouTube and similar sites may be able to rely on an exemption for ‘journalistic activities’ to justify what would otherwise be a breach of data protection rules. This follows a new, wider definition of the exemption put forward in a recent Court of Justice of the European Union ruling.
Case law: Court clarifies duty to respond to subject access requests under UK data protection law
- Jun 2019
Organisations considering how to respond to a ‘subject access request’ will benefit from court guidance given in a recent ruling.
Case law: Employee sent to prison for accessing employer's data without permission
- Dec 2018
Employees tempted to access their employer or ex-employer's data without authorisation could face a prison sentence if the ICO decided to prosecute for hacking instead of obtaining data without consent, following a recent case.
New law: Employers can no longer automatically carry out criminal conviction checks on prospective employees
- Oct 2018
Employers should check if they may still automatically carry out blanket criminal conviction checks lawfully on prospective new employees, now that the General Data Protection Regulations (GDPR) and Data Protection Act 2018 are in force.
Case law: Company successfully stops hackers who stole data and demanded a ransom to stop them publishing it
- Jul 2018
Businesses who have been hacked and had data stolen have access to remedies that can severely discourage and undermine the hackers if they threaten to publish it online, provided they act quickly, a recent case makes clear.
New law: GDPR means intellectual property rights owners will find it harder to identify domain name owners infringing their rights
- May 2018
Owners of intellectual property (IP) rights such as trade marks are likely to find it harder to obtain details of UK domain name owners allegedly infringing their IP rights from May, because of the General Data Protection Regulation (GDPR).
Case law: Employer held vicariously liable for publication of confidential data online in breach of data protection law
- Jan 2018
Employers should ensure employees are aware of any limits and restrictions on their activities, to reduce the risk of them acting wrongly in the course of their employment so that the employer becomes liable for their wrongful acts, a recent ruling makes clear.
New law: Employers review Data Privacy Notices for employees as GDPR looms
- Dec 2017
Employers should identify who will need a Data Privacy Notices (DPN), determine what should be in them, and revisit their processes and procedures and staff training, to ensure the right individuals receive a DPN at the right time, in readiness for the General Data Protection Regulation (GDPR).
Case law: Ruling clarifies Database Right protection for database owners
- Dec 2017
Businesses owning a database will welcome a legal ruling that will help them decide if they enjoy a database right, so that the database is therefore protected from being reused by someone else.
New law: Organisations gearing up as major new data protection law looms in 2018
- Aug 2017
Organisations should be identifying and preparing to implement necessary changes now, ahead of the new General Data Protection Regulation (GDPR) which is due to come into force in May 2018.
Case law: Clarity for organisations on responding to subject access requests under data protection law
- May 2017
Organisations considering how much effort to put into responding to a 'subject access request', including any human involvement and whether they need to supply documents as well as information, will benefit from recent Court of Appeal guidance.
New law: Organisations preparing for major new data protection law in 2018
- May 2017
Organisations should be identifying and preparing to implement necessary changes now, ahead of the new General Data Protection Regulation (GDPR), due in force in May 2018.
New guidance: Draft guidance published on how to obtain individual's consent to use of their data under the GDPR
- Apr 2017
Organisations will welcome new draft guidance, Consultation: GDPR consent guidance, published by the Information Commissioner's Office (ICO), which deals with how to lawfully obtain an individual's consent to processing of their personal data under the new General Data Protection Regulation (GDPR).
Case law: Organisations cannot refuse requests for personal data on grounds it could be used in legal proceedings against them
- Apr 2017
Organisations receiving 'subject access requests' from individuals under UK data protection law may not refuse to comply solely on grounds that the personal data provided could be used against them in potential or actual legal proceedings.
Case law: Neighbour's CCTV and audio equipment breached data protection law
- Mar 2017
Property owners and occupiers who install CCTV and/or audio recording equipment must comply with data protection laws or risk significant penalties, especially if their equipment monitors 'public space' outside their property, a ruling makes clear.
Case law: Employer who did not provide information requested by employee under data protection law in disciplinary proceedings acted unfairly
- Oct 2016
Employers who fail to provide information requested under data protection law by an employee facing disciplinary proceedings can be acting unfairly, making the employee's subsequent dismissal unfair, a ruling makes clear.
New guidance: Information Commissioner's Office publishes data protection guide for organisations using Wi-Fi to track employees
- May 2016
Organisations using Wi-Fi to track the location of employees, contractors or suppliers from their smartphones or other Wi-Fi devices will welcome new guidance from the Information Commissioner's Office (ICO) on the data protection issues that arise.
New guidance: Information Commissioner's Office updates guide to electronic marketing
- May 2016
Organisations using email and e-newsletters, phone, texts or other forms of electronic communication to promote themselves will welcome updated guidance from the Information Commissioner's Office (ICO) to help them comply with anti-spam law and avoid significant penalties for breaches.
New guidance: Information Commissioner's Office updates data protection IT security guide for businesses
- May 2016
The ICO has published an updated IT security guide for small businesses to help them keep their IT systems secure for data protection purposes.
Case law: Businesses using marketing lists must ensure those on them have given effective consent
- Jan 2016
Businesses using marketing lists should ensure proper, valid consent has been given to use the list for marketing by the individuals on it, under UK laws on data protection and unsolicited marketing communications.
New guidance: New guide helps organisations handle requests for information under data protection law
- Jan 2016
The Information Commissioner’s Office (‘ICO’) has published a new guide to help businesses and other organisations handle ‘subject access requests’ under data protection law.
Displaying 1-49 of 49 results
Disclaimer
This article from Atom Content Marketing is for general guidance only, for businesses in the United Kingdom governed by the laws of England. Atom Content Marketing, expert contributors and ICAEW (as distributor) disclaim all liability for any errors or omissions.
Copyright © Atom Content Marketing
Contact the library
Expert help for your enquiries and research.