Data protection and coronavirus

The Information Commissioner's Office has issued guidance for data controllers on their data protection compliance obligations during the coronavirus outbreak. Euros Jones, Alexander Gorst and Natasha Jordan look at the key points. Read more
Slide background
Slide background
Slide background

  NEWS

Mar 23, 2020

LGA issues briefing on Coronavirus Bill, calls for temporary relaxation of FOI and GDPR requirements

The Local Government Association has called for additional powers to be given to local government as it published a briefing on the measures contained in the Coronavirus Bill.
Mar 17, 2020

Town clerk fined for blocking records with intent to prevent disclosure after FOI request

A town clerk has been fined £400 and ordered to pay costs of £1,493 after being prosecuted by the Information Commissioner’s Office for intentionally blocking records with the intent to prevent disclosure.
Mar 17, 2020

Government to consider allowing virtual committee meetings on temporary basis: Jenrick

The government is to consider bringing forward legislation to legislation to allow council committee meetings to be held virtually for a temporary period during the coronavirus outbreak, the Local Government Secretary has said.
Mar 11, 2020

Information watchdog warns of dangers of school photos and wrongful disclosure of personal data

The Information Commissioner’s Office has issued two reprimands, or legal warnings, to schools for wrongly disclosing the personal data of children.
Feb 06, 2020

More than two-thirds of council websites do not adhere to GDPR on consent, investigation finds

A BBC investigation into 400 council websites across the UK has found that more than two-thirds did not appear to ask for the correct form of consent under GDPR.
Jan 30, 2020

University pays out more than £142,000 to affected students after data breach

The University of East Anglia has paid out £142,512 to students after their personal details were mistakenly sent to hundreds by email.
Jan 07, 2020

Council officer ordered to pay £900+ after accessing social care records without authorisation

A former Reablement Officer at Walsall Metropolitan Borough Council has been prosecuted by the Information Commissioner’s Officer for accessing social care records without authorisation.
Dec 18, 2019

Councillor from neighbouring authority fails in bid to obtain legal advice on planning application after Tribunal upholds privilege

The First-tier Tribunal (General Regulatory Chamber) has rejected an appeal lodged against the Information Commissioner by a member of Leeds City Council concerning a planning application for a field adjacent to his ward but in Harrogate Borough Council’s area.
Dec 09, 2019

Former council worker sentenced for unlawfully obtaining personal data

A former social services support officer at Dorset County Council has been prosecuted for accessing social care records without authorisation.
Dec 04, 2019

ICO consults on new draft guidance on Subject Access Requests under GDPR

The Information Commissioner has launched a consultation on new draft guidance for organisations on how to handle Subject Access Requests (SARs) under the GDPR.

  FEATURES AND ANALYSIS

January 24, 2020

Legal privilege and the EIRs

A local authority was recently ordered to disclose legally privileged material under the Environmental Information Regulations 2004. Natasha Stay considers the ruling.
November 29, 2019

Facing the future

Rowan Clapp looks at the key points from the Information Commissioner’s opinion on live facial recognition technology, law enforcement and privacy.
November 15, 2019

When is an FOI request not an FOI request?

Susan Wolf sets what organisations should bear in mind when considering whether something is 'business as usual' or an FOI request.
November 08, 2019

Google v CNIL and the Right to be Forgotten

A recent ruling from the Court of Justice of the European Union makes it clear that the ‘Right to be Forgotten’ in the context of Google searches has its limits, writes Ibrahim Hasan.
November 01, 2019

GDPR, class actions and the right to compensation

The Court of Appeal recently overturned a High Court ruling and found that a claimant could serve an out of jurisdiction application against Google as part of a class action. Ibrahim Hasan examines the judgment.
September 13, 2019

Digital duties

Monitoring Officers must ensure good governance over data and social media, writes David Kitson.
September 13, 2019

Brexit and data protection

Damien Welfare sets out what you need to know when it comes to Brexit and data protection.
September 06, 2019

Automated facial recognition, privacy and data protection law

The Divisional Court has found that police use of automated facial recognition was a justified privacy intrusion. Robin Hopkins sets out the key findings in a landmark case.

  MORE NEWS

Dec 04, 2019

ICO regulatory enforcement lawyer moves to St John’s Buildings

A regulatory enforcement lawyer at the Information Commissioner’s Office, Aaminah Khan, has joined St John’s Buildings.
Dec 02, 2019

Information Commissioner consults on draft guidance for explaining use of AI in decision-making about individuals

The Information Commissioner’s Office has launched a consultation on new draft guidance for organisations using, or thinking about using, artificial intelligence (AI) to support or make decisions about individuals.
Nov 28, 2019

Met Police agrees to delete information after referral of primary school age child under Prevent programme

The Metropolitan Police has agreed to delete information relating to a referral of a primary school age child under the government’s Prevent programme, and other referring authorities have also agreed to correct and delete the relevant records.
Nov 15, 2019

Information watchdog updates guidance for data controllers on protecting ‘special category data’

The ICO has issued updated guidance on special category data, to which data controllers must give extra protection under the GDPR.
Nov 13, 2019

Information watchdog consults on being granted investigation and other powers under POCA

The Information Commissioner has launched a consultation on her office being granted access to investigation and other associated powers under the Proceeds of Crime Act 2002 (POCA).
Nov 01, 2019

Tribunal orders council to disclose instructions sent to QC over motion for ‘call-in’ of planning applications

The First-tier Tribunal has ordered Ryedale District Council to disclose the briefing question it sent to a Queen’s Counsel seeking advice on a motion in which councillors sought for competing retail planning applications to be ‘called in’.
Oct 31, 2019

Information Commissioner issues first ‘Opinion’ under Data Protection Act

The Information Commissioner, Elizabeth Denham, has issued her first Commissioner’s Opinion under the Data Protection Act 2018, setting out her advice and recommendations on the police’s use of ‘live facial recognition’ (LFR).
Oct 31, 2019

Upper Tribunal orders fresh hearing in dispute over refusal by council to disclose advice of independent person

A local resident who complained about the conduct of a councillor at Stratford-on-Avon District Council over a planning matter has secured a fresh hearing over the council’s refusal to disclose advice given by an independent person.
Oct 29, 2019

Victim of serious crime receives compensation for data breach by public inquiry

A victim of serious crime whose personal information was shared by a public inquiry with third parties in a serious personal data breach has been paid compensation greater than the amounts awarded by courts thus far, it has been reported.
Sep 16, 2019

Councils withholding or heavily redacting information requested under Local Audit and Accountability Act 2014: report

Local authorities are refusing to let the public access key information on how their money is being spent, the Bureau of Investigative Journalism has claimed.
Sep 10, 2019

NHS trust launches investigation into serious data breach at gender identity clinic

The Tavistock and Portman NHS Foundation Trust has said it is investigating a data security incident reportedly involving the Charing Cross Gender Identity Clinic.
Sep 05, 2019

Divisional Court dismisses legal challenge over police use of automated facial recognition

A Divisional Court has dismissed a challenge to police use of Automated Facial Recognition (AFR) in what is thought to be the first time any court in the world has considered the technology.
Aug 27, 2019

Information watchdog identifies three key GDPR compliance challenges for town and parish councils

The Information Commissioner’s Office has set out what it considers to be the three GDPR compliance challenges for town and parish councils.
Aug 16, 2019

ICO to investigate legality of landlord’s use of facial recognition technology

The use of facial recognition technology at an office, leisure and retail development in King's Cross is to be investigated for compliance with data protection rules, the Information Commissioner has said.
Jul 16, 2019

Information Commissioner consults on updated code of practice for data sharing

The Information Commissioner’s Office has launched a consultation on an updated code of practice for data sharing.
Jun 05, 2019

Information Commissioner says £325 charge for accessing environmental information “unreasonable”

A charge of £325 imposed by Folkestone and Hythe District Council for accessing environmental information was unreasonable, the Information Commissioner’s Office has said in a decision notice.
May 22, 2019

High Court hears legal challenge to police use of automated facial recognition

The High Court, sitting in Cardiff, is this week hearing the first challenge to the use of automated facial recognition by UK police.
May 01, 2019

Surveillance Camera Commissioner warns against blanket use of CCTV recording in taxis and PHVs

Blanket use of CCTV recording in taxis and private hire vehicles would be disproportionate and should be imposed only where a strong justification exists, the Surveillance Camera Commissioner has said.
Apr 30, 2019

Nearly half a million FOI requests made to councils each year: research

Around 467,000 Freedom of Information (FOI) requests are now made to local councils every year — almost double a previous estimate by UCL’s Constitution Unit in 2010, research by mySociety has found.
Apr 25, 2019

Police force breached data protection rights of vulnerable teenager by disclosing information, court rules

The High Court has ruled that Sussex Police unlawfully disclosed information about a vulnerable teenager to a local business organisation.
Apr 18, 2019

Data protection law not a barrier to sharing information to save lives and stop crime: ICO

The Information Commissioner’s Office has issued a reminder to public and private organisations that the GDPR and the Data Protection Act 2018 do not stop them from disclosing personal data to assist police forces or other law enforcement authorities.
Apr 17, 2019

Social worker given caution notice by regulator after sending confidential documents to personal email

A Rutland County Council social worker has been handed a caution notice in force for 36 months by the Health and Care Professions Tribunal Service.
Apr 10, 2019

ICO fines production company £120,000 for unlawful filming in maternity clinic

The Information Commissioner’s Office has issued a £120,000 on a television production company which unfairly and unlawfully filmed patients at a maternity clinic.
Apr 08, 2019

Ex-GP practice manager fined for emailing personal data to own account without authorisation

A former GP practice manager has been fined for sending personal data to her own email account without authorisation, following an investigation by the Information Commissioner’s Office (ICO).
Apr 04, 2019

Council fined £145k for disclosing sensitive personal data about alleged gang members

The Information Commissioner’s Office (ICO) has fined the London Borough of Newham £145,000 for disclosing the personal information of more than 200 people who featured on the ‘Gangs Matrix’ police intelligence database.

  MORE FEATURES

July 05, 2019

GDPR: one year on

What have we learned from the 12 months that the General Data Protection Regulation has been in force? Ibrahim Hasan reports.
June 28, 2019

GDPR and enforcement notices

Ibrahim Hasan examines the lessons to be learned from the first two GDPR enforcement notices.
Data inspection iStock 000008204804XSmall 146x219
June 07, 2019

Data protection and wider complaints or disputes

Andrew Gallie looks at how issues may arise in practice when data protection is used as part of a wider complaint, and suggests some pointers on how to respond.
Police photo iStockphoto standard 146x219
May 31, 2019

Sharing data and law enforcement

The High Court has issued an important ruling on sharing data for law enforcement purposes. Alessandra Gettins, Hugh Giles and Andrew Latham look at the lessons for police forces and their partner agencies.
Environment 146x219
April 05, 2019

Housing associations and the EIR

Peter Coe and Eeshma Qazi examine whether or not housing associations should comply with the environmental information regulations.
Internet New 47833064 s 146x219
March 28, 2019

Social work spies? (Yes, you over there I’m talking to you…)

Lucy Reed examines the lawfulness of social workers using Facebook and employing other techniques to gather evidence in child protection cases.
Predictive Analytics 77163075 s
March 01, 2019

Predictive analysis – an introduction and considerations

Paul Feild examines the legal and other issues raised by the use by local authorities of predictive analysis, 'Big Data' and machine learning.
Data protection iStock 000011177922XSmall 146X219
January 11, 2019

Making GDPR British

New regulations set out the UK’s post Brexit data protection landscape. Ibrahim Hasan sets out the key points.
Data inspection iStock 000008204804XSmall 146x219
November 23, 2018

Revised s.45 Code of Practice under FOI

Ibrahim Hasan highlights the key points from the new version of the s.45 FOIA Code of Practice.
Drone 36244709 s 146x219
November 09, 2018

New RIPA Codes of Practice

Ibrahim Hasan looks at the key changes in the new RIPA Codes of Practice for Surveillance and Covert Human Intelligence Sources (CHIS).
Data protection iStock 000011177922XSmall 146X219
October 26, 2018

Vicarious liability for data breaches

The Court of Appeal has dismissed supermarket group Morrisons’ appeal over being found vicariously liable for a data breach caused by a rogue employee. Robin Hopkins analyses the ruling.
Data inspection iStock 000008204804XSmall 146x219
September 28, 2018

Information law roundup

Sarah Thorley rounds up recent developments that those dealing with information law in the public sector should be aware of.
Data protection iStock 000011177922XSmall 146X219
July 27, 2018

Mixed data in the Court of Appeal

The Court of Appeal has considered the correct approach to dealing with mixed personal data. Rupert Paines analyses its ruling.
Data inspection iStock 000008204804XSmall 146x219
July 27, 2018

GDPR and civil claims

Kate Bear analyses some of the areas of concern for local authorities when it comes to GDPR and the handling of civil claims.
Camera 146x219
June 15, 2018

Serving surveillance evidence

When should surveillance evidence be served? Catherine Burt looks at the lessons from a recent appeal involving a city council.
Contract 2 iStock 000003466551XSmall 146x219
June 08, 2018

GDPR and procurement

The introduction of the GDPR has significant implications for procurement practice, writes Jenny Beresford-Jones.
Data inspection iStock 000008204804XSmall 146x219
May 25, 2018

GDPR: updating privacy notices

Are you caught in a last minute rush to update your privacy notice to comply with the forthcoming General Data Protection Regulation (GDPR)? Ibrahim Hasan considers what is involved.
May 17, 2018

GDPR and data protection impact assessments: when and how?

Ibrahim Hasan looks at how data controllers can comply with the obligation to produce data protection impact assessments.
Data protection iStock 000011177922XSmall 146X219
April 27, 2018

Choosing your data protection officer

Penny Bygrave sets out what all public authorities should know about appointing a data protection officer under the GDPR.
Data protection iStock 000011177922XSmall 146X219
April 06, 2018

GDPR and contract negotiations

Azhar Ghose highlights some of the issues that have arisen in contract negotiations of GDPR clauses.