We all sort of know that the Data Protection Act 1998 didn’t apply to stuff people say orally, don’t we? But pointing to an authority that said so is rather harder. Luckily, now we have one: Scott v LGBT Foundation Ltd [2020] EWHC 483 (QB). Continue reading
Newsflash – Supreme Court grants permission in Lloyd v Google
The decision, which is hardly surprising, will doubtless be welcomed by all controllers. The hearing before the Supreme Court is not expected until the end of 2020, early 2021. Further updates will of course be posted on Panopticon in due course!
Anya Proops QC
Spam sandwiches: Tribunal dismisses Leave.EU PECR appeals
Regulation 22 of PECR 2003 – the prohibition on non-consensual electronic direct marketing communications – has been a favourite ICO hunting ground for monetary penalties for many years. Nevertheless, its dos and don’ts have remained stubbornly fuzzy at the edges. Thankfully, the Tribunal’s most recent decision on direct marketing communications is helpful and illuminating. It’s also quite entertaining: a nice montage of Arron Banks, spam, kangaroos and stuff. Continue reading
Of Tweeting and Transgender Rights
Over the years, Panopticon has discussed a number of cases about the powers of the police to record, retain, and disseminate information about individuals. The judgment of Mr. Justice Julian Knowles in R (ota Harry Miller) v (1) The College of Policing, and (2) The Chief Constable of Humberside [2020] EWHC 225 (Admin) is a significant contribution to the law in this area. In Panopticon terms the case is unusual, in that the issues are discussed by reference to the right to freedom of expression under Article 10 of the European Convention on Human Rights (“ECHR”), rather than by reference to Article 8 or data protection legislation.
An important part of the context for the case is the current political controversy regarding the status of transgender people, including proposals to reform the Gender Recognition Act 2004 so as to replace the current requirements for obtaining a Gender Recognition Certificate (GRC) with an approach that places greater emphasis on an individual’s self-identification of their gender. Reforms along these lines were the subject of a Government consultation in 2018. In this respect also, the case takes Panopticon into hitherto unchartered waters. Continue reading
The CJEU is Always Watching
In the spirit of the Panopticon, it is good to know that the CJEU is always watching. Or at least, it is broadly content with those who are in its recent decision of Case C-708/18 TK v Asociatia de Proprietari bloc M5A-ScaraA (EU:C:2019:1064) – snappy eh? Continue reading
International Data Transfers: Life in Standard Clauses Yet
Just in time for Christmas, Advocate General Saugmandsgaard Øe has handed down his Opinion in Case C-311/18 Data Protection Commissioner v Facebook Ireland Ltd & Schrems (EU:C:2019:1145). As was noted in our post following the oral hearing (here), the reference concerns the compatibility of the European Commission’s standard contract clauses decision (or at least one of them) with Charter rights, Directive 95/46/EC, the GDPR and the CJEU’s case law (particularly Schrems 1: see here). Continue reading