Only the most selective readers working in the legal sector (and no readers of this blog) can have failed to hear something about the impending changes to data protection law, the most significant in 20 years. From 25 May 2018, the new General Data Protection Regulation (“GDPR”) will take effect across the EU. The equivalent directive applicable to data protection in the law enforcement context will take effect on 6 May. Both are to be implemented and given effect in domestic law by the Data Protection Act 2018, which is currently making its way through Parliament and will replace the Data Protection Act 1998.

There will be few contracts for the provision of procured services which will not involve the supplier engaging in some processing of personal data, be that of end-user customers or of employees of the procuring public body. All public contracts ought to contain some treatment of data protection issues, which outline the allocation of responsibilities between the parties and the standards required of the supplier. Continue reading →

As a result of the Freedom of Information (Additional Public Authorities) Order 2018 (SI 2018/173), a series of new public authorities have been added to Schedule 1 of FOIA from 1 May 2018. Continue reading →

Readers of this blog will recall an important DPA judgment, particularly on the legal professional privilege exemption, which came out in January 2017 called Holyoake v Candy & CPC [2017] EWHC 52 (QB) (see the blogpost here). That case has, however, involved various pieces of satellite litigation including a 193 page judgment of Nugee J handed down just before Christmas in Holyoake & Hotblack v Candy & Candy & others [2017] EWHC 3397 (Ch). Continue reading →

Just in time to be printed and put in your stocking came everyone’s favourite Christmas tradition: a special helping of Brussels. In this case, a judgment of the CJEU in Case C-434/16 Nowak v Data Protection Commissioner (ECLI:EU:C:2017:994) about the application of the Data Protection Directive to examination scripts and examiner comments. Continue reading →

Continuing its consistent run of FOIA judgments which add very little to the jurisprudence is the Court of Appeal’s effort in Willow v Information Commissioner & Ministry of Justice [2017] EWCA Civ 1876. The information requested was a prisoner restraint techniques manual used in youth offender institutions, and the Commissioner and FTT had upheld the application of the section 31(1)(f) exemption, i.e. information prejudicial to the maintenance of security and good order in prisons or other institutions in which people are detained. The Court of Appeal had to consider the public interest balance and the extent to which that was or was not affected by the UN Convention on the Rights of the Child (“UNCRC”) (an unincorporated treaty). Continue reading →

On 6 December a firm of loss adjustors, its director and a senior employee were convicted, alongside private investigators, of a series of offences under s.55 of the Data Protection Act 1998. Continue reading →