Skip to main content

Insights & News

Search for Insights & News

  • Data issues when tracking productivity with employees working from home

    10 August 2022

    Linda Hynes has provided insight on the data issues that may occur when companies use technology to track productivity when working from home.

  • Diversity monitoring: what to collect and how to comply with the law

    19 June 2022

    To improve the diversity of your workforce, you need to measure it, and this means collecting and monitoring data. But what questions should you ask employees about their individual characteristics and how can you handle that information lawfully? This article takes an in-depth look at these questions.

  • Coronavirus vaccination - FAQs for employers

    06 April 2022

    On 21 February the government launched its “Living with Covid” strategy”. As a result of this, many of the Covid measures in England have changed significantly with implications for employers wishing to adopt a particular stance on vaccination.

  • It’s official Summer is here…the new UK SCCs consultation is out!

    17 August 2021

    On 11 August, the Information Commissioner’s Office (ICO) published its long awaited consultation on the international data transfer mechanisms that it proposes to be used in a post-Brexit world.

  • Home and away when working from home means working abroad

    29 October 2020

    Covid-19 is causing many employees to ask if they can work from “home” for an extended period in an overseas country - for example, because it is their home nation or their family is based there. This article explains the potential legal issues and how to avoid the traps.

  • Looming lockdowns and remote working – to what extent can employees be monitored?

    28 October 2020

    With reports of businesses increasingly taking steps to monitor staff who are working remotely, this article discusses the legal considerations and how employers can strike an appropriate and fair balance between work and home life.

  • Dealing with Data Subject Access Requests

    27 October 2020

    Receiving a Data Subject Access Request (a ‘DSAR’) can be tricky for any organisation. In addition to the additional work created for overstretched IT, HR and data privacy personnel, the potentially thousands of documents that a DSAR can cover need to be analysed, redacted and reproduced for the data subject, all within the deadline of a calendar month.

  • ICO publishes updated Data Subject Access Request guidance

    23 October 2020

    Two and a half years after the GDPR came into force, the ICO have published their long awaited guidance on Data Subject Access Requests (“DSARs”).

  • Record €35 million fine for excessive employee monitoring

    08 October 2020

    An employer in Germany has been fined over €35 million under the General Data Protection Regulation for unlawfully monitoring its employees. What impact could this have on employers in the UK?

  • Data privacy and trust in the workplace – is a profound shift underway?

    02 July 2020

    “It takes a lot to inform massive shifts in our thinking, ways we work, ways we live, ways we imagine our worlds. What it takes for that massive shift isn’t just technology, it is apparatus and systems sitting around that to make it appear trustworthy and safe.” Genevieve Bell Director 3Ai, VP and Senior Fellow at Intel

  • ICO survey on processing data about criminal convictions

    31 January 2020

    The ICO wants to find out if data controllers understand the data protection issues involved in processing information about criminal offences and convictions

  • Cookie consent is a box-ticking exercise after all!

    16 October 2019

    The European Court of Justice (ECJ) has provided welcome clarity on the consent requirements around the use of cookies by website operators. As if it were ever in doubt, pre-ticked boxes cannot be used as a means of obtaining a website user’s consent to the use of cookies.

  • Processing personal data and consent in the employment context – what are the issues?

    07 August 2019

    The Hellenic Data Protection Authority has imposed a €150,000 fine against an employer which had inappropriately relied on consent as the lawful basis for processing employee data. This decision is an important reminder for employers and data controllers on the limitations of using consent as a valid basis for processing employee data in the post- 25 May 2018 EU General Data Protection Regulation (“GDPR”) landscape.

  • Data security breaches - a tale of two airlines

    25 July 2019

    Recent decisions by privacy regulators in the United Kingdom and Hong Kong have highlighted contrasting approaches towards data security breaches affecting customers of two major airlines.

  • The Law, the ‘Outlaws’ and Ad Tech’s O.K. Corral

    26 June 2019

    Programmatic advertising is often likened by commentators to the Wild West: some because they consider it to be a lawless place where anything goes; others because it pushes boundaries and is creating a new frontier. Wherever you stand on that metaphor, ad tech is looking like it’s about to have its own ‘Gunfight at the O.K. Corral’ moment – a shootout in the EU prompted by a long-simmering feud between privacy’s ‘lawmen’ and the advertising industry’s ‘outlaws’ finally boiling over.

  • A Trailer for GDPR Season 2: Creating a ‘Culture of Accountability’

    19 June 2019

    In our previous article*, we looked at some key scenes from the first season of the GDPR. This next part takes a peak at what’s likely to be the main plot for season 2 (spoiler alert).

  • GDPR Season 1: Off to a Slow Start?

    30 May 2019

    Like winter in the popular HBO series Game of Thrones, privacy professionals warned that ‘GDPR is coming’ many months, years even, before the army of supervisory authorities (SAs) and data subjects started to amass on their doorsteps. For the most part, the warning fell on deaf ears. It was only when the first snows had already started to fall, signalling the imminent arrival of winter, that GDPR preparations began in earnest – with panic soon turning into hysteria, for some.

  • Employee ordered to pay over £500,000 in legal costs in a dispute involving breach of restrictive covenants and data privacy

    24 May 2019

    Following a trial in the High Court where an employer was successfully awarded final injunctions to prohibit a former employee from breaching post-termination restrictions (“PTRs”), the losing employee was ordered to pay 90% of his former employer’s legal bill.

  • Employees fined for unlawfully obtaining data

    25 March 2019

    It is not just businesses that need to worry about the long arm of data protection, the Information Commissioner’s Office (“ICO”) has warned, after two employees were convicted of unlawfully accessing personal data and fined

  • Court of Appeal holds employer liable for wrongful disclosure of personal data by ‘rogue’ employee

    24 October 2018

    The supermarket chain Morrisons had an internal auditor who went rogue. Aggrieved at an internal disciplinary process, he disclosed payroll data on the internet relating to about 100,000 of his colleagues. He was tracked down, charged and sentenced to eight years in prison. But was Morrisons liable to the employees whose information he had leaked?

Back To Top