Category Thought Leadership

Last call

The Financial Times reports this morning (Monday 12 Feb 2018) that Unilever, the world’s second-largest advertiser has warned social media giants Google and Facebook that it will pull its advertising from their platforms if they continue to ‘’foster hate’’ or fail to act responsibly in the wake of the exponential increase in offensive and unlawful content that is posted on its platforms and represents a direct assault on the rights, freedoms and interests of millions of data subjects, including children.

The climate has turned and social media giants now find themselves in a media storm where sitting back and doing nothing is no longer an option...

Read More

Schrems fails to deliver a knockout blow to Facebook Ireland at the Court of Justice, European Union

On Thursday 25 January 2018, the Court of Justice of the European Union (CJEU) ruled that 30-year old Austrian privacy campaigner Max Schrems couldn’t bring a class action law suit against Facebook Ireland for what he claims was illegal use of personal data but granted him permission to challenge the social media giant’s business practices in his native Austria.

The second CJEU ruling in Schrems’ long-running legal battle with Facebook is significant for widening legal jurisdiction against Facebook Ireland by granting the right of Schrems to take legal action against Facebook Ireland in the Austrian courts.

Facebook Ireland, headquartered in Dublin, unsuccessfully argued that the matter could only be heard in Irish courts.

The case now returns to Austrian courts that had previously faile...

Read More

Not a good start to the New Year for Apple

Apple has just issued a second customer warning for owners of its iPhones, iPads and MAC products that they are affected by a processor flaw that could leave them vulnerable to hackers.

The US tech giant urged its millions of customers to only download software from trusted sources after the security vulnerabilities, known as Meltdown and Spectre, were revealed on Wednesday.

According to the Press Association (PA News), there’s no evidence that the security flaws that affect computer processors built by Intel and ARM – have so far been exploited by hackers, although companies including Microsoft have been working to provide urgent fixes.

Apple says it had released software updates for iOS, the software on its phones and tablets, macOS, which is used by its computers and tvOS for its tele...

Read More

Interview with the World Advertising Research Council (WARC) on what marketers need to do now about the GDPR

Read More

Landmark judgment in data protection action against Morrisons at High Court in UK

Supermarket giant Morrisons has been found vicariously liable for the actions of a rogue member of staff who stole the personal data of thousands of workers and posted it online in revenge for disciplinary action taken against him by the company.

On 1 December 2017, Mr Justice Langstaff at the High Court ruled that Morrisons was vicariously liable for the personal data breach that leaked their names, addresses, salaries, bank account details, national insurance and other sensitive personal data on line.

In July 2015, former internal auditor Andrew Skelton was found guilty at Bradford Crown Court of fraud, securing unauthorised access to computer material and disclosing personal data and jailed for eight years.

The trial heard that his motive appeared to have been a grudge over a previous i...

Read More

My ‘light bulb’ moment on the GDPR

On Tuesday 31 October, President Donald J Trump gave the executive order to release previously withheld files relating to the 1963 assassination of John F Kennedy.

Among the many black and white TV news clips of speeches made by JFK that I’ve been watching across several TV networks that are marking one of the darkest hours in American history, one sentence in particular struck a chord with me and perhaps many of you reading this too:

“In each of us there’s a private hope and dream which, if fulfilled, can be translated into benefit for everyone.”

That may sound like a lofty ideal, but I sincerely believe that as data protection professionals we all need to have the conviction to want to make a positive difference for both the company and organisation that we are part of as well as...

Read More

Take a Chance on Me? Not worth the risk when it comes to the GDPR

The cost of compliance is much less than the price of failure.

To most readers of my blog, this adage may sound obvious, with respect to the General Data Protection Regulation (Regulation 2016/679). Nonetheless, it’s advice isn’t universally observed.

Some months ago, I was talking to a director of a well-known European financial services company about the impact Regulation 2016/679 would have on the business. But I wasn’t fully prepared for his response. “We can afford to pay the fines,” he said.


There then followed a couple of seconds of silence as I composed myself. Had I really heard this or had I imagined it? Was it boastful, perhaps intended to impress or simply a bold statement of fact?

I remarked this was interesting...

Read More

Do you still worship at the Temple of Big Data?

Major personal data breaches are happening at a rate of one a day – Equifax, BUPADeloitteNHSNottingham County CouncilIslington CouncilHCA Healthcare and many, many more. Wanna Cry? (I bet you do).

Do you live in fear of whether you’re next? It doesn’t have to be this way. We are transitioning to an era in which individuals have both the skills and the opportunities to choose how they manage and share their personal data to achieve a range of beneficial outcomes.

Digital evangelists like Stephen Deadman, Global Deputy Chief Privacy Officer at Facebook remains optimistic about the future, rather than terrified by it...

Read More

Legality of Standard Contractual Clauses (SCC’s) hangs in the balance awaiting decision by CJEU

Ireland’s High Court has just ruled today (Tuesday 3 October 2017) that the decision to ban the use of Standard Contractual Clauses (SCC) by social media giants like Facebook, Microsoft and Google to transfer users’ personal data to the US must be initially decided by the Court of Justice of the European Union (CJEU).

Giving her judgment in open court, Irish High Court Judge Caroline Costello said: “I have decided to ask the Court of Justice for a preliminary ruling. European Union law guarantees a high level of protection to EU citizens…they are entitled to an equivalent high level of protection when their data is transferred outside of the European Economic Area.”

This of course looks like a spooky re-run of the Safe Harbor legal action brought by Max Schrems that resulted in the...

Read More

Interview with Liberum Investment Bank on the consequences of the GDPR for institutional investors

This is a short 5 minute filmed interview produced by Liberum Investment Bank for its clients in London and New York on the Directive 2016/679 (General Data Protection Regulation). Recorded in London in July 2017.

Copyright Liberum Investment Bank 2017.


Read More