Indiana Jones and the EU-US Privacy Shield – Updated

February 3rd, 2016 by Christopher Knight

Just like the Ark of the Covenant, the Holy Grail, bizarre alien crystal skull things and whatever it was they were looking for in the Temple of Doom, there is another object of great supposed power and endless fascination. Known only as the ‘EU-US Privacy Shield’ – to be wielded with the mighty Sword of Data no doubt – it is rumoured to have the ability to prevent secret intelligence-harvesting, solve personal data disputes and single-handedly rescue inter-state trade. Like a less exciting Corby trouser press. And now this amazing artefact has been uncovered, by the European Commission no less, buried at the bottom of a Brussels file marked ‘Desperate Ideas to Buy Time’.

Read more »

 

Free expression vs reputational rights: liability of online intermediaries

February 2nd, 2016 by Robin Hopkins

If you take the view that a reader’s comments about you posted on a news website infringe your privacy or data protection rights, should you be able to sue the website (as opposed to the author of the comments)? This question is enormously important. It reflects our evolving legal, social and ethical approach to resolving tensions between freedom of expression and privacy. It goes to the heart of both online journalism and internet business models. A new judgment given today makes an important contribution to this debate – and will be seen as heartening for advocates of free expression in an online world. Read more »

 

[Insert Safe Harbor Pun Here]

February 2nd, 2016 by Christopher Knight

Readers will recall a minor data protection development last year in Case C-362/14 Schrems, in which the CJEU annulled the Safe Harbor (or Harbour) framework under which data had been merrily being transferred from the EU to the US without, apparently, breaching the eighth data protection principle (in strictly DPA terms). It prompted rather a lot of commentary online, including here and here, as well as some frantic reassurances from the European Commission discussed by me here. Readers may also recall the warning issued by the Article 29 Working Party that if a solution wasn’t found by the end of January, they would be take appropriate action (drum roll please). Read more »

 

Enhanced Criminal Records Check Mate

January 23rd, 2016 by Christopher Knight

One might have thought, following the judgments of the Court of Appeal (noted here) and the Supreme Court (noted here) in R (T) v Chief Constable of Greater Manchester Police [2014] UKSC 35, that there was little left to say about enhanced criminal records certificates (ECRC). After all, the Government had, with moderate grace, gone away after the Court of Appeal loss and drafted a revised set of rules in the Rehabilitation of Offenders Act (Exceptions) Order 1975 (Amendment) (England and Wales) Order 2013 (SI 2013/1198) which sought to better implement the Article 8 ECHR balance between the needs of employers and the need for long-distant misbehaviour not to be a permanent stain. But that thought fatally undervalues the ingenuity of lawyers (as well as the breadth of application of the ECRC regime). Read more »

 

Keynote speaker announced at the 11KBW Information law conference: Sir Michael Tugendhat

January 20th, 2016 by Claire Halas

We are delighted Sir Michael Tugendhat will be delivering the key note address on “Remedies and the Law of Privacy” at this year’s Information Law Conference. Sir Michael was the High Court’s senior media judge from October 2010 until his retirement in June 2014, presiding over a number of high-profile and important cases. Before his appointment to the bench he was a leading practitioner in defamation and media law, and he is the co-author of Tugendhat & Christie: The Law of Privacy and the Media (3rd ed., 2016, forthcoming).

For more details on the Information law conference click here.
EARLY BIRD DISCOUNT – 10% off if you book before 15th February 2016 on both half and full day places.

 

Employer was entitled to access employee’s private Yahoo! messages (and to sack him)

January 13th, 2016 by Robin Hopkins

Employers very often wish to monitor how their employees are using work computing facilities during office hours. They may suspect wrongdoing, such as improper use of confidential client or business information, or accessing material which is prohibited by the employer’s policies. They may be concerned about employees using work facilities – and work time – for personal communications. Can the employer investigate by accessing the employee’s communications without their knowledge? Read more »