WordPress + Bootstrap

Over the years, Panopticon has discussed a number of cases about the powers of the police to record, retain, and disseminate information about individuals.  The judgment of Mr. Justice Julian Knowles in R (ota Harry Miller) v (1) The College of Policing, and (2) The Chief Constable of Humberside [2020] EWHC 225 (Admin) is a significant contribution to the law in this area.  In Panopticon terms the case is unusual, in that the issues are discussed by reference to the right to freedom of expression under Article 10 of the European Convention on Human Rights (“ECHR”), rather than by reference to Article 8 or data protection legislation.

An important part of the context for the case is the current political controversy regarding the status of transgender people, including proposals to reform the Gender Recognition Act 2004 so as to replace the current requirements for obtaining a Gender Recognition Certificate (GRC) with an approach that places greater emphasis on an individual’s self-identification of their gender.  Reforms along these lines were the subject of a Government consultation in 2018.  In this respect also, the case takes Panopticon into hitherto unchartered waters. Continue reading →

In the spirit of the Panopticon, it is good to know that the CJEU is always watching. Or at least, it is broadly content with those who are in its recent decision of Case C-708/18 TK v Asociatia de Proprietari bloc M5A-ScaraA (EU:C:2019:1064) – snappy eh? Continue reading →

Just in time for Christmas, Advocate General Saugmandsgaard Øe has handed down his Opinion in Case C-311/18 Data Protection Commissioner v Facebook Ireland Ltd & Schrems (EU:C:2019:1145). As was noted in our post following the oral hearing (here), the reference concerns the compatibility of the European Commission’s standard contract clauses decision (or at least one of them) with Charter rights, Directive 95/46/EC, the GDPR and the CJEU’s case law (particularly Schrems 1: see here). Continue reading →

It is often helpful for the appellate courts to give judgments which provide guidance to assist decision-makers and lower courts in applying the law to different, but similar, cases. After all, if the law is being decided by reference to applicable principles, those ought to be able to give guidance beyond the very specific facts of the case. It has, however, been a disappointingly regular feature of the Court of Appeal’s approach to FOIA and EIR generally to disapprove of such guidance as the Upper Tribunal has sought to provide (fair enough) and replace that guidance with nothing at all (less fair). Continue reading →

Our 2020 Information Law Conference brings together 11KBW’s market-leading specialists to provide updates on the law and practicalities relating to data protection, privacy and freedom of information.

Topics covered include;

• data breaches and the dynamics of civil litigation – group litigation and representative actions
• data breaches: what’s it worth? damages and penalties
• general privacy update: scope of the controller concept, subject access, privacy shield, etc
• the future of e-privacy and e-commerce
• privacy and the media: recent developments and trends
• FOIA/EIR update
• Privacy laws in a post-Brexit world?

What last year’s delegates said about the conference:
“A really informative, engaging day.  The range of topics was excellent, as were the speakers.”
“Always excellent to hear speakers who know exactly what they are talking about”
“Excellent, best conference covering information law” Continue reading →

By which we mean: some that we did miss blogging about. With apologies and better late than nevers, here’s a round-up of three recent(ish) cases worthy of note. In R (Open Rights Group) v SSHD digital campaigners Open Rights Group and The3million (campaigning on behalf of so many EU Citizens living in the UK) challenged the immigration exemption – one of the few new features in the DPA 2018 that strengthens the controller’s hand – as incompatible with fundamental charter rights to privacy and protection of personal data. They also contended that it was too broad, vague and lacking in the safeguards required by the parent Article 23 GDPR (which enables Member States to enact domestic exemptions). Continue reading →