Privacy

Claire Morrissey, partner at Maples and Calder, examines the common themes which have dominated the GDPR landscape in Ireland and across Europe. Yesterday marked the fourth anniversary of the General Data Protection Regulation (EU) 2016/679 (GDPR). Over the course of its first four years, some commo

The PSNI is facing legal action after a data breach reportedly saw the personal information of 152 people shared with police in the United States. The force said it had referred itself to the Police Ombudsman and informed the Information Commissioner's Office (ICO) in relation to the breach, the Bel

The Court of Appeal has ruled that the use of CCTV security footage to investigate an employee discipline issue was unlawful because the footage was collected and processed for the specific purpose of security. It was held that this difference in purpose was in contravention to the Data Protection A

The UK's Information Commissioner’s Office (ICO) has fined Clearview AI Inc £7,552,800 for using images of people in the UK, and elsewhere, that were collected from the web and social media to create a global online database that could be used for facial recognition. The ICO has also iss

The government has been urged to clarify whether proposed legislation on digital recording by gardaí explicitly covers facial recognition and other emerging technologies. The Irish Human Rights and Equality Commission said the human rights and equality implications of these technologies need

A total of six criminal appeals could be affected by last week's ruling that an Irish data retention law is incompatible with EU law. The Grand Chamber of the Court of Justice of the European Union (CJEU) has held that the "general and indiscriminate" retention of electronic communications data for

Convicted murderer Graham Dwyer has succeeded in his EU court challenge to an Irish data retention law that played a crucial role in his trial and conviction.

Arthur Cox partners Rosemary Lundy and Richard Armstrong set out the key dates and next steps for the UK's new standard contractual clauses for personal data transfer. Data protection rules in the EU and United Kingdom generally restrict transfers of personal data to third countries which have a leg

The Irish Council for Civil Liberties (ICCL) has launched judicial review proceedings against the Data Protection Commission (DPC) over its alleged failure to protect people from the practice of "real-time bidding" for online advertising. In an affidavit filed with the High Court, plaintiff Dr Johnn

David Leonard BL examines a recent UK Supreme Court ruling against Bloomberg, which makes it more difficult for UK media outlets to publish information about individuals under criminal investigation, and considers the Irish law in this area. In Bloomberg LP v. ZXC [2022] UKSC 5, the Court

An English law firm has been fined £98,000 by the Information Commissioner's Office (ICO) after a data breach caused by ransomware. Hackers gained access to the IT systems of criminal defence firm Tuckers Solicitors LLP and compromised more than 24,700 court bundles containing sensitive data s

Lorcan Moylan Burke, associate at Ronan Daly Jermyn, examines how the German courts have been dealing with an issue so far untested in Ireland – claims for non-material damage under the GDPR. The right to compensation under the GDPR is provided for under Article 82 and is one of the more contr

The Data Protection Commission (DPC) grew its headcount by 31 per cent last year and is targeting similar growth in 2022, according to its latest annual report. The DPC has attracted criticism from European data protection experts in the last few years for being under-resourced for its role as one o

MKB Law has become the first law firm in Northern Ireland to achieve the 2022 GDPR certification for law firms from Briefed. Briefed has created bespoke GDPR training for law firms, meeting all ICO standards, which allows firms to annually certify directors, associates, support staff and trainees at

New UK data transfer rules replacing the EU's standard contractual clauses (SCCs) have been laid before Parliament. The international data transfer agreement (IDTA), the international data transfer addendum to the European Commission's SCCs for international data transfers, and a document setting ou