NT1 + NT2 = Blogging to the Power of A Million (Words)

April 13th, 2018 by Christopher Knight

It has taken some time for the principles recognised – somewhat ambiguously – in Google Spain to be tested in the English courts. Although the so-called right to be forgotten has rarely left the public memory (at least of that wretched and spindly section of the public which is interested in data protection), taking on Google takes guts, money and an ability to overlook the risk of the Streisand effect. NT1 & NT2 v Google LLC [2018] EWHC 799 (QB) is the battle royale you have been waiting for. But if you want brevity, look elsewhere. Read more »


A Judgment to Remember

April 13th, 2018 by Christopher Knight

The judgment of Warby J in NT1 & NT2 v Google LLC [2018] EWHC 799 (QB) – the first (and second) right to be forgotten trials in England and Wales – has now been handed down. You can read it here and there is a summary here. Who wins? It’s a 1-1 draw, with Google winning on the facts of NT1 and losing on the facts of NT2. Read more »


Marketing consent emails – ICO issues two monetary penalties

April 4th, 2018 by Anya Proops QC

Ok so hands up whose email inbox has recently been littered with emails inviting you to consent to receiving marketing communications or otherwise inviting you to update your marketing preferences. ‘Why is this happening?’ you may well ask? Well it’s happening because companies which want to be able to send you lots of nice marketing material for now and evermore are worried that, when the GDPR comes into force, with its new much stricter rules on consent, they won’t be able to send you such invitations and will get into trouble with the ICO if they do so. Which raises the interesting question of whether sending such emails is itself permissible under the existing legislative regime. Read more »


Malnick: section 36 reasonableness and the functus ICO

March 5th, 2018 by Robin Hopkins

The Upper Tribunal’s most recent judgment – IC v Malnick and ACOBA (GIA/447/2017) – is a rare thing these days: a binding decision that makes a meaningful and general (rather than fact-specific) contribution to FOIA jurisprudence. In particular, it tells us (1) how to assess the reasonableness of a qualified person’s opinion for section 36 FOIA purposes, and (2) whether the FTT can remit a case to the ICO for a fresh decision if it allows an appeal. Read more »


Remembering the Right to be Forgotten

February 21st, 2018 by Christopher Knight

It all seems a long time ago that the CJEU handed down its judgment in Google Spain and inculcated the right to be forgotten doesn’t it? Commentators – including here and here – opined with varying degrees of wailing and gnashing of teeth about the implications of it, and how endless litigation was anticipated. But there hasn’t been all that much. The lion has been sleeping so far.  Read more »


Procuring GDPR Compliance

February 21st, 2018 by Christopher Knight

Only the most selective readers working in the legal sector (and no readers of this blog) can have failed to hear something about the impending changes to data protection law, the most significant in 20 years. From 25 May 2018, the new General Data Protection Regulation (“GDPR”) will take effect across the EU. The equivalent directive applicable to data protection in the law enforcement context will take effect on 6 May. Both are to be implemented and given effect in domestic law by the Data Protection Act 2018, which is currently making its way through Parliament and will replace the Data Protection Act 1998.

There will be few contracts for the provision of procured services which will not involve the supplier engaging in some processing of personal data, be that of end-user customers or of employees of the procuring public body. All public contracts ought to contain some treatment of data protection issues, which outline the allocation of responsibilities between the parties and the standards required of the supplier. Read more »