Panopticon – Page 30 – Information law blog, from 11 KBW

GDPR financial penalties: €50m for Google in France

Posted on 22nd January 2019 | by Robin Hopkins

Perhaps the most commonplace GDPR soundbite concerns swingeing financial penalties: in the most serious cases, up to €20m or 4% of global annual turnover, whichever is the greater. We have now had our first flexing of that maximal muscle, in the form of the decision of the French supervisory authority, the CNIL, to impose a €50m penalty on Google. The CNIL’s decision, announced yesterday, is summarised here. (The penalty notice itself is not yet available in English).

Notable features of the case include the following: Continue reading →

Open Up: ICO Consultation on FOIA/EIR

Posted on 15th January 2019 | by Christopher Knight

News comes our way of a consultation exercise being run by the ICO on its new proposed ‘Access to Information Strategy’. You can read more about it here. Titled ‘Openness by Design’, it is a proposed strategy which will – in particular – aim to improve standards of openness, transparency and participation on the part of public authorities, including by increasing the impact of enforcement activity through targeting of systemic non-compliance. That is probably the most significant headline of the draft, but there are a number of aims to improve confidence in the openness and accountability of public authorities, by greater proactivity on the part of the ICO. Consultation responses are sought by 8 March 2019.

Christopher Knight

s35 FOIA Updates from the Upper Tribunal

Posted on 14th January 2019 | by Christopher Knight

A couple of recent Upper Tribunal cases have been handed down on the section 35(1) FOIA exemption for the formulation or development of government policy and for Ministerial communications. Both concern documents produced at the highest levels of Government. Both nudge the jurisprudence on a little bit, and both are worth being aware of for those concerned. Continue reading →

It’s My Party and I’ll Cry/Sue for Accreditation if I Want To

Posted on 10th January 2019 | by Christopher Knight

How does data protection law feed into, and support, challenges to police action in the form of refusing press accreditation for a political party conference? The Divisional Court considered this in R (Segalov) v Chief Constable of Sussex Police & Chief Constable of Greater Manchester Police [2018] EWHC 3187 (Admin). Continue reading →

Death and the DPA

Posted on 10th January 2019 | by Christopher Knight

Death may be the great leveller, but does it also bring to an end an appeal brought under section 28(4) of the Data Protection Act 1998 against a national security certificate issued by the Secretary of State? The answer of the Upper Tribunal in Campbell v Secretary of State for Northern Ireland [2018] UKUT 372 (AAC) was: Yes. Continue reading →

Are you thinking what I’m linking? Liability for hyperlinks

Posted on 20th December 2018 | by Leo Davidson

Many users of the internet know all too well the hidden dangers of hyperlinks. Now the European Court of Human Rights has considered the extent to which those posting links are responsible for the third party content being linked to, in Magyar Jeti Zrt v Hungary (Case no. 11257/16).

In 2013, a Hungarian politician drew a link between racist assaults by football fans and Jobbik, a right-wing Hungarian political party. A recording of his remarks was uploaded to YouTube. When reporting the story, 444.hu – a news website operated by the applicant company – included a hyperlink to the recording, without repeating the defamatory content in the body of their article. Continue reading →

WordPress + Bootstrap