CONTACT US 0131 226 8200

A comparison of the GDPR, ePrivacy Regulation, Data Protection Bill and Law Enforcement Directive

data protection bill
It’s not difficult to understand why there is some level of confusion and “panic” in many organisations with regard to upcoming privacy law changes.  Just when people begin to think they have got their heads round the GDPR requirements, they suddenly hear about the Data Protection Bill, the ePrivacy Regulation and the Law Enforcement Directive. So – what do each of these mean and how do they interact? Below we summarise what each covers and how they interact:GDPRProbably the most widely discussed, the General Data Protection Regulation (“GDPR”) introduced nearly 2 years ago, will come into force on 25th May 2018.The...
  4284 Hits
4284 Hits

Personal Data Breach Notification Requirements under the GDPR – What, When and How?

The General Data Protection Regulation introduces a requirement for controllers to notify personal data breaches to the relevant supervisory authority. Whilst new to the UK, many member states already have in place a notification obligation for personal data breaches, either limited to particular categories of controllers or, in the Netherlands, for all personal data breaches.  This blog post shall address some of the main queries arising in relation to this obligation as it exists under the GDPR.Do all breaches need to be reported?No. Not all data breaches will need to be reported.  Only those that are likely to result in a...
  2787 Hits
2787 Hits

Social Media and the GDPR

Back in the late nineties when the Data Protection Directive and the UK’s Data Protection Act were enacted, social media was none existent.  Linkedin arrived in 2002, Facebook in 2004, YouTube in 2005, Twitter in 2006, Whatsapp in 2009, Instagram in 2010, Snapchat in 2011 with a thousand and one variations in between and ever since. In stark contrast to a time when having a brick-like mobile phone with its ability to send two short and sweet lines of text to a friend was something of a novelty, less than two decades later our lives are now unavoidably linked by technology–...
  1116 Hits
1116 Hits

Data Security – use of pseudonymisation under the GDPR

In a world where our lives are increasingly online, keeping our personal details secure is one of the main concerns of both individuals using online services and legislators alike.  This is one of the main reasons why European legislators are working hard to raise the standards for online data protection and the security of personal data.  The General Data Protection Regulation (GDPR) which takes effect on 25th May 2018 consequently imposes a number of obligations on data controllers and processors in order to ensure that personal data is processed in an adequately secure manner. Data controllers and processors have a general...
  1367 Hits
1367 Hits

Clubs, Societies and the GDPR (part 2)

In this blog post we continue our data protection FAQs for Small Clubs and Member Societies.Can we still send emails to members?You can still send emails to individuals but should be clear about what lawful basis you are using to do this. Note that if you are sending marketing emails, you may also have to comply with the Privacy and Electronic Communication Regulations (PECR). If you are simply communicating with individuals about scheduled club meetings and events, the PECR will not be relevant.As explained above, all processing requires a lawful basis. These include valid consent and legitimate interest. Consent is currently...
  3029 Hits
3029 Hits

Contact us today