Data dispatch - July 2024
Welcome to the fifth edition of Data Dispatch from the Data Advisory team at RPC. Our aim is to provide you on a regular basis with an easy-to-digest summary of key developments in data protection law.
The format makes it easy for you to get a flavour of each item from a short summary, from which you can click "read full article".
Please do feel free to forward on the publication to your colleagues or, better still, recommend that they subscribe to receive the publication directly.
If there are any issues on which you'd like more information (or if you have any questions or feedback), please do let us know or get in touch with your usual contact at RPC.
Key developments
DPDI Bill falls in 'wash up' ahead of General Elections
The Data Protection and Digital Information Bill has been dropped in the Parliamentary 'wash up' process following the announcement of the general elections this summer.
ICO consults on "consent or pay" business model
The ICO has called for views on the use of "consent or pay" business models which will contribute to the ICO's final regulatory position on this issue.
AI Update
The EU AI Act has been signed. In the UK, the AI and Digital Hub has been set up to provide one-stop-shop regulatory advice on innovative tech .
Enforcement action
ICO orders Serco Leisure and community leisure trusts to stop processing biometric data for the purposes of monitoring their employees
On 23 February 2024, the Information Commissioner's Office (ICO) announced the issuing of enforcement notices ordering Serco Leisure, Serco Jersey, and seven associated community leisure trusts to stop using facial recognition technology, and fingerprint scanning, to monitor their employees' attendance at work (see here).
Read the full article.
CJEU finds that a press release by the European Anti-Fraud Office indirectly identified the subject of a fraud investigation
On 7 March 2024, the Court of Justice of the European Union (CJEU), annulling a finding of the General Court of the European Union (GC), confirmed that, to determine if a data subject is indirectly identifiable, it is necessary to view the information in its entirety and to consider 'all the means reasonably likely to be used' by individuals to identify a data subject.
Need to know
The ICO has issued guidance on the use of fines under the UK GDPR
Read the full article.
The ICO plan to create an AI tool to identify websites which are using non-compliant cookie banners
Read the full article.
UK's ICO and USA's FCC collaborate to tackle unwanted communications
The UK's Information Commissioner's Office (ICO) and USA's Federal Communications Commission (FCC) have announced that they have signed a Memorandum of Understanding (the Memorandum) regarding the protection of consumers from unsolicited communications.
Read the full article.
Stay connected and subscribe to our latest insights and views
Subscribe Here