The medical profession is only too used to the occasional outbreak of SARS. It is perhaps a little less used to an influx of SARs, as made under section 7 of the Data Protection Act 1998. In the case of the General Medical Council, requests for personal data will involve very sensitive data and just as sensitive issues of balance and extraction of the data of different parties. So it was in Dr DB v General Medical Council [2016] EWHC 2331 (QB).
ICO Speaks at the 11KBW GDPR Conference
We are delighted to announce that the Interim Deputy Commissioner at the ICO, Steve Wood, will be our guest speaker at the 11KBW GDPR Conference on 13th October 2016.
For more details about the conference click here.
11KBW nominated for 3 awards at the 2016 Chambers Bar Awards
We are delighted to announce that Chambers has received 3 nominations in this year’s Chambers and Partners Bar Awards; Anya Proops QC has been nominated for Defamation Silk of the Year; Jane McCafferty for Employment Law Junior of the Year; and Chambers for Employment Law Set of the Year.
The award ceremony takes place on 27th October 2016 at the London Hilton, Park Lane. Full nomination list click here.
Data Protection and Company Registers
Some of you will be aware that Companies House is proposing to reduce the amount of time its records are retained from twenty years to six, citing various drivers including data protection concerns. This has caused a certain amount of consternation and pooh-pooing in the press, for understandable journalistic reasons. But on 8 September 2016, AG Bot handed down an Opinion in Case C-398/15, Camera di Commercio, Industria, Artigianato e Agricoltura di Lecce v Mnni in which he appears to have given a certain grist to the Companies House mill by concluding that the data protection principle of retention of personal data for no longer than necessary must take precedence over and, therefore, preclude the system of disclosure through the registers provided for by Directive 68/151. That regime, under Italian law, appears to have allowed for unrestricted permanent access to the register. The AG appears to have endorsed a principle that disclosure should be managed on a case-by-case basis by the data controller; a view which if applied in the UK would pose colossal resource implications for an already stretched Companies House. Unfortunately, AG Bot’s Opinion is not currently available in English, so the nuances escape this parochial reader, but the eventual ruling of the CJEU will certainly be worth watching out for.
Christopher Knight
Donald, Where’s Your Schedule 3 Condition to Share Information Aboot Your Troosers?
The insularity of English lawyers can often mean that limited attention is paid to legal developments north of the border. Scotland, like the past, is a legally foreign country and they do things differently there. However, we here at Panopticon are never afraid to join a rousing chorus of ‘500 Miles’ by The Proclaimers (you should see some of the blog’s team at the Christmas Party – carnage). Readers with elephantine memories and little to do by way of fun may recall my post on the Inner House’s judgment concerning the ‘Named Person Service’. At the end of term, the case reached the Supreme Court in The Christian Institute v Lord Advocate [2016] UKSC 51. Apologies in advance for the length of the post which follows… Continue reading
Data protection and e-privacy – New Article 29 Working Party Opinion
The question of how data privacy rights bite within the online environment is undoubtedly one of the most important questions with which 21st century information rights practitioners have to grapple. It is also one of the most difficult. This is not least because this is an area which is dominated by a European legislative triumvirate which is highly complex and, in a number of areas, heavily under-tested. That triumvirate comprises: the Data Protection Directive (95/46/EC), the E-Privacy Directive (2002/58/EC) and the E-Commerce Directive (2000/31/EC). Continue reading