SLLP July 21 Composite 600 edit

Worcestershire June 21 Gif 600

GDPR fines

The Information Commissioner's Office recently issued its first GDPR fine to a charity. Ibrahim Hasan examines the watchdog's track record of enforcement. Read more
Slide background

  NEWS

Jul 22, 2021

Information on selection of academy trust to run schools should be disclosed, tribunal judge finds

Hertfordshire County Council was wrong to withhold information on how an academy trust was chosen to provide schools in Bishop's Stortford and the Information Commissioner had been wrong to agree with the council’s arguments.
Jul 20, 2021

Campaign group calls for public register of algorithms used by councils, files complaint with Information Commissioner

Campaign group Big Brother Watch has hit out at councils’ use of algorithms, claiming that most of those it had uncovered were “secretive, unevidenced, incredibly invasive and likely discriminatory”.
Jul 07, 2021

ICO launches formal investigation into use of private email accounts at Department of Health and Social Care

The Information Commissioner’s Office has launched an investigation into the use of private correspondence channels at the Department of Health and Social Care.
Jun 25, 2021

Tribunal upholds decision by council to refuse to disclose views of independent persons on complaint about councillor

The First-Tier Tribunal has dismissed a legal challenge to a district council’s decision to refuse, in response to a freedom of information request, to provide the views of two independent persons on a complaint about the conduct of a councillor.
Jun 24, 2021

Councils reported 700+ data breaches to Information Commissioner in 2020: report

UK councils reported an estimated 700+ data breaches to the Information Commissioner’s Office in 2020, according to research by cyber security services company Redscan.
Jun 18, 2021

Investigation of organisations using live facial recognition technology in public spaces found none compliant with data protection law: ICO

An investigation by the Information Commissioner's Office (ICO) published today (17 June) found that out of a group of organisations using live facial recognition (LFR) technology in public spaces, none were fully compliant with data protection law requirements.
May 24, 2021

Groups crowd fund £43k+ for legal challenge over disappearing message apps and conduct of government business

Two organisations have raised more than £43,000 towards a legal action over the potential use of disappearing message apps to conduct government business.
Apr 26, 2021

Supreme Court to hear key case this week on approach to data breach compensation claims

The Supreme Court will this week (28 April) hear a key case on the approach to compensation claims arising out of data breaches.
Apr 26, 2021

Warning of huge cost burden for councils after High Court rules Royal Borough acted unlawfully in refusing right to inspect accounting records on basis of time it would take

A London borough acted unlawfully in refusing a request to inspect its accounting records on the grounds of the time it would take to satisfy the request, a High Court judge has ruled.
Apr 21, 2021

Council wins extension of time in tribunal case over investment in solar farms

Thurrock Council has been given an extension of time to make its case in a First Tier Tribunal case over disclosures sought by the Bureau of Investigative Journalism (BIJ).

  FEATURES AND ANALYSIS

May 20, 2021

GDPR news roundup

So much has happened in the world of data protection recently, writes Ibrahim Hasan. Where to start?
March 08, 2021

Covid testing in schools and data protection

Neil Murphy examines the data protection issues that arise with the return to school and the prospect of on-site tests for Covid.
February 26, 2021

New Statutory Guidance on Data Sharing

John Fitzsimons looks at the key points for data controllers arising out of the Information Commissioner's new Data Sharing Code of Practice and identifies some surprising omissions.
February 05, 2021

Data-sharing safeguards: no ‘micro-managing’

Robin Hopkins looks at the lessons to be learned from an important Court of Appeal ruling on data-sharing, in a case involving the arrangements between a police force and a local crime reduction partnership.
January 29, 2021

FOI, disclosure of information and actionable breaches of confidence

Monckton Chambers summarises a recent Upper Tribunal ruling involving a council and the FOIA exemption in relation to actionable breaches of confidence.
January 21, 2021

Data protection under the EU GDPR

The following Information Law precedent from LexisNexis provides comprehensive and up to date legal information covering data protection after the final withdrawal of the United Kingdom from the European Union.
December 11, 2020

Can you legally record video meetings?

Whilst video-conferencing via Zoom or Teams etc has allowed us to carry out our business relatively uninterrupted, they have also presented organisations with a new set of privacy considerations to take into account, writes Bronwen Jones.
October 29, 2020

The ICO’s new subject access guidance

The Information Commissioner’s Office has published detailed guidance on how organisations should deal with subject access requests (SARs) “effectively and efficiently”. Ibrahim Hasan looks at the key points.

  MORE NEWS

Mar 25, 2021

Court of Appeal dismisses bid by journalist for access to documents held by council in relation to public law children proceedings, but calls for guidance in form of court rules

The Court of Appeal has dismissed an appeal by a journalist after she was refused access to documents held by Southampton City Council in relation to care and placement proceedings.
Mar 18, 2021

Tribunal allows FOI appeal in part over council investments in solar farm

The Bureau for Investigative Journalism (BIJ) has won an interim ruling in a First Tier Tribunal case to require Thurrock Council to disclose information about its investments in solar farms, it has been reported.
Mar 11, 2021

Councils and other public bodies to be put under legal duty to share data and intelligence in cases of serious violence

A new legal duty is to be imposed on local authorities, the police, criminal justice agencies, health and fire and rescue services to share data and intelligence in cases concerning serious violence.
Mar 04, 2021

Court of Appeal hears appeal by journalist over access to court documents from public law children case

The Court of Appeal is today (4 March) hearing an appeal from a journalist over a judge’s refusal of her application for permission to access court documents in relation to public law proceedings concerning a child.
Feb 18, 2021

First-tier Tribunal allows appeal to limited extent over refusal by Information Commissioner’s Office to disclose arrangements for external legal services

An applicant who sought details of the Information Commissioner's agreements for obtaining external legal services has been successful - but only to a limited extent - in an appeal to access this data.
Feb 11, 2021

Council secures injunction against man who circumvented redaction in child protection papers

The London Borough of Lambeth has won a final injunction against a man who was able to remove a redaction on papers concerning child welfare.
Jan 21, 2021

Police force wins appeal over sharing of information about teenager with local crime reduction partnership

A teenager has failed in a judicial review of how information on her was shared between Sussex Police and the Brighton & Hove Business Crime Reduction Partnership.
Jan 07, 2021

Upper Tribunal rejects request for copies of notes made by First-tier Tribunal judge during information rights hearing

The Upper Tribunal (Administrative Appeals Chamber) has refused an applicant permission to appeal a ruling that he was not entitled to receive a copy of the notes made by a First-tier Tribunal judge in an earlier hearing.
Dec 18, 2020

Information Commissioner publishes new Data Sharing Code of Practice

The Information Commissioner's office has published its new code of practice laying out how organisations and businesses can carry out responsible data sharing.
Dec 14, 2020

Court of Appeal agrees to hear case over journalist access to court records in care proceedings

The Court of Appeal has granted permission to appeal in a case concerning the question of the extent to which journalists can gain access to court records in family law proceedings, it has been reported.
Oct 26, 2020

London borough admits some services could be significantly disrupted “for some time” as it reels from cyberattack

Some services provided by Hackney Council may be significantly disrupted for some time as the London borough responds to a cyberattack that has impacted its ‘legacy’ and non-cloud based systems, Mayor Philip Glanville has warned.
Oct 21, 2020

ICO moves to provide clarity in subject access requests on ‘stopping the clock’, manifestly excessive requests, and charges

The Information Commissioner’s Office has published detailed guidance on how organisations should deal with subject access requests (SARs) “effectively and efficiently”.
Oct 07, 2020

Information watchdog strongly criticises Department for Education for failure to prioritise data protection

The Information Commissioner’s Office (ICO) has made 139 recommendations – more than 60% of which are classified as urgent or high priority – to the Department for Education after publishing the outcome of a compulsory audit carried out in February 2020.
Oct 01, 2020

Information Commissioner consults on draft statutory guidance for publication after Brexit

The Information Commissioner's Office (ICO) has launched a public consultation on its draft statutory guidance, which details how it will regulate and enforce data protection legislation in the UK.
Sep 29, 2020

Court finds retention of data obtained under Prevent Strategy when claimant was 11 year old unlawful

The Metropolitan Police’s retention of data on a 16-year-old child (known as II) from the age of 11 was unlawful and a disproportionate interference with his right to private life, a High Court judge has ruled.
Aug 19, 2020

ICO calls for projects on data sharing in public interest as part of “regulatory sandbox”

The Information Commissioner’s Office has called for projects to be submitted that support complex data sharing in the public interest, after re-opening its “regulatory sandbox”.
Aug 11, 2020

Use of facial recognition technology was unlawful but did not contravene article 8 finds Court of Appeal

The Court of Appeal has held that the use of facial recognition technology by the South Wales Police Force (SWP) was unlawful but that its use was proportionate under article 8 of the European Convention on Human Rights (ECHR).
Aug 06, 2020

Council cyber-attack cost estimated at more than £10 million

Redcar and Cleveland Borough Council have said that a cyber-attack that occurred early this year will cost the local authority an estimated £10.144 million.
Jul 27, 2020

Upper Tribunal judge suggests review “long overdue” of appellate mechanisms for Data Protection Act rights

A comprehensive strategic review of the various appellate mechanisms for rights exercisable under the Data Protection Act is “arguably long overdue”, an Upper Tribunal judge has said.
Jul 23, 2020

ICO issues toolkit to help public bodies respond to FOI requests in COVID-19 recovery period

The Information Commissioner’s Office (ICO) has launched an online toolkit to help public authorities respond to Freedom of Information (FOI) requests as organisations prepare to recover from the coronavirus pandemic.
Jul 20, 2020

Government admits failure to carry out Data Protection Impact Assessment for ‘Test and Trace’ programme

The Government has admitted, following a legal challenge from a privacy campaigning organisation, that it deployed the COVID-19 'Test and Trace' programme without carrying out a Data Protection Impact Assessment (DPIA) beforehand.
Jul 02, 2020

Council persuades High Court judge to quash judgment in default in data breach claim after papers posted to empty office during lockdown

The High Court has quashed a judgment in default awarded against the London Borough of Tower Hamlets because pandemic restrictions had made it impossible to the council to receive the claim concerned.
May 22, 2020

Data watchdog relaxes regulatory function to prioritise guidance on complying with law during coronavirus public health emergency

The Information Commissioner’s Office (ICO) will stand down audit work, issue fewer fines and generally use fewer formal powers against organisations that are struggling to meet data protection standards as a result of the COVID-19 pandemic.
Apr 20, 2020

Judge orders fresh hearing in dispute over disclosure of advice to council on tactics in negotiations with supermarket giant

An Upper Tribunal judge has set aside a decision by a First-tier Tribunal (FTT) that upheld – after a freedom of information request – the withholding of an agent’s advice to a local authority on the tactics it should apply in negotiations with Tesco over a proposed development.
Apr 16, 2020

Information watchdog sets out its regulatory approach during COVID-19

The Information Commissioner's Office has issued a statement setting out its regulatory approach during the coronavirus pandemic, saying it will focus on those areas likely to cause the greatest public harm.

  MORE FEATURES

October 01, 2020

Data protection challenges of remote working

Samantha Smith looks at how organisations can handle the data protection challenges of remote working.
September 09, 2020

Data Protection and FOI/EIR requests – coming out of lockdown

Following the ICO's call for councils to make plans for returning to pre-covid levels of FOI work, Damien Welfare, Estelle Dehon, Isabella Buono and Rowan Clapp look ahead to the time when the regulatory environment returns to normal, and requesters are likely to expect their outstanding requests to be answered quickly.
August 20, 2020

Child, mother, journalist – whose rights win out?

Matthew White analyses the first recorded High Court judgment concerning journalistic access to the court file in public law family proceedings.
August 20, 2020

ICO publishes Artificial Intelligence guidance

The Information Commissioner’s Office (ICO) has published the final version of its guidance on Artificial Intelligence and Data Protection. James Cassidy looks at the key points.
July 23, 2020

Data Protection Officers and conflicts of interest

Samantha Smith examines a recent Belgian case where a data protection officer was found to have had a conflict of interest.
July 16, 2020

Disclosure of staff names in FOI requests

Ibrahim Hasan sets out the key considerations for public authorities when an FOI request calls for the disclosure of staff names.
July 16, 2020

FOIA appeals and enforcement: who has the power?

When the First-tier Tribunal decides an information rights appeal and finds in favour of the requestor, who has the responsibility for enforcing any non-compliance with that judgment? Is it the FTT, or is it the Information Commissioner? Christopher Knight examines an interesting judgment.
June 29, 2020

Private registered providers and the EIRs

The Upper Tribunal has confirmed private registered providers are not subject to the Environmental Information Regulations. Kate Dimes Letters and Andrew Latham look at the key points of the ruling.
June 05, 2020

The public interest test under EIR and FOI: weighting the arguments

A recent decision of the Upper Tribunal, under the Freedom of Information Act 2000 (FOI), provides a useful reminder of what a public authority needs to do when applying the public interest test, writes Ibrahim Hasan.
April 09, 2020

Data breaches and vicarious liability: employers breathe a sigh of relief

In an important judgment, the Supreme Court has ruled that an employer was not vicariously liable for the actions of an employee who stole and then posted payroll details of his colleagues online. Ibrahim Hasan examines the ruling.
April 03, 2020

Coronavirus and Police use of drones

Ibrahim Hasan looks at the significant issues arising out of the police's use of drones during the coronavirus outbreak.
March 26, 2020

Data protection and coronavirus

The Information Commissioner's Office has issued guidance for data controllers on their data protection compliance obligations during the coronavirus outbreak. Euros Jones, Alexander Gorst and Natasha Jordan look at the key points.
January 24, 2020

Legal privilege and the EIRs

A local authority was recently ordered to disclose legally privileged material under the Environmental Information Regulations 2004. Natasha Stay considers the ruling.
November 29, 2019

Facing the future

Rowan Clapp looks at the key points from the Information Commissioner’s opinion on live facial recognition technology, law enforcement and privacy.
November 15, 2019

When is an FOI request not an FOI request?

Susan Wolf sets what organisations should bear in mind when considering whether something is 'business as usual' or an FOI request.
November 08, 2019

Google v CNIL and the Right to be Forgotten

A recent ruling from the Court of Justice of the European Union makes it clear that the ‘Right to be Forgotten’ in the context of Google searches has its limits, writes Ibrahim Hasan.
November 01, 2019

GDPR, class actions and the right to compensation

The Court of Appeal recently overturned a High Court ruling and found that a claimant could serve an out of jurisdiction application against Google as part of a class action. Ibrahim Hasan examines the judgment.
September 13, 2019

Digital duties

Monitoring Officers must ensure good governance over data and social media, writes David Kitson.
September 13, 2019

Brexit and data protection

Damien Welfare sets out what you need to know when it comes to Brexit and data protection.
September 06, 2019

Automated facial recognition, privacy and data protection law

The Divisional Court has found that police use of automated facial recognition was a justified privacy intrusion. Robin Hopkins sets out the key findings in a landmark case.