The new Data Protection and Digital Information Bill (No. 2) (the “Bill”) has been widely publicised, particularly the government’s claimed saving to business of £4 billion over the next 10 years. The savings are to be achieved by removing barriers to “responsible innovation”. This article explores what that might mean from an HR and employment law perspective. Data Subject Access Requests (“DSARs”) Employees, like all data subjects, have the right to understand what data is processed…
Brian Hengesbaugh and Julia Wilson, a leading employment and privacy partner in our London office, join for this episode of Connect on Tech to discuss privacy in the work place and key issues employers are facing. In this podcast, Brian and Julia take a deep dive into four key areas employers must carefully navigate in the data and privacy realm – i) the processing of testing and vaccination data, ii) employee monitoring in various guises from clever…
The new standard contractual clauses for data transfers to third countries (“Ex-EU SCCs”) and standard contractual clauses for controllers and processors in the EU/EEA (“Intra-EU SCCs”) issued by the European Commission provide for, both, chances and challenges for EU service providers supporting EU and non-EU customers, some of which are outlined below. 1. When do the Ex-EU SCCs apply? EU service providers supporting non-EU customers might want to enter into the new Ex-EU SCCs with…
The European Commission (“EC”) recently issued a set of standard contractual clauses for controllers and processors in the EU/EEA (“Intra-EU SCCs”). The Intra-EU SCCs accompany a wider set of clauses issued for extra-EU/EEA personal data transfers (“Extra-EU SCCs”), covering transfers between different types of data processing actors (processors, controllers, sub-processors etc.). Both of them were published in the Official Journal of the European Union on June 7, 2021. The clauses for intra-EU data processing arrangements…
The European Commission (“EC”) recently issued its revised standard contractual clauses for data transfers to third countries (“Ex-EU SCCs”) and a companion set of standard clauses for controllers and processors in the EU/EEA (“Intra-EU SCCs”). Both are now published in the Official Journal. The following is an introduction to the core elements of the Ex-EU SCCs and a brief overview of the Intra-EU SCCs. Legal Context The Ex-EU SCCs are a mechanism that companies can…
The European Commission published draft regulations (“AI Regulations”) governing the use of artificial intelligence .
As vaccines become more readily available in Europe and the Gulf region, employers have a lot of questions about how this changes the return to the workplace.
*Survey last updated April 30, 2020* Our latest edition, spanning 39 jurisdictions, answers five common data privacy and security questions employers may have in light of COVID-19, especially as lockdowns are slowly being eased in some countries and employers prepare to re-open workplaces. As the world grapples with the COVID-19 pandemic and its profound impact across regions and industries, many companies are facing difficult business and legal challenges and are required to make some urgent…
The UK Supreme Court has today allowed two appeals which provide some welcome relief for UK employers in relation to the treatment of vicarious (secondary) liability under English law generally, but leave a sting in the tail when considering data breaches committed by employees: Morrisons v Various Claimants – a significant and long running employment and data protection case in which the lower courts had found Morrisons to be vicariously liable for a data breach…