GDPR: Next steps, post-enforcement
The 25th May 2018 is the day that the General Data Protection Regulation (“GDPR”), with its tightened rules around ‘consent’, came into force across the EU.
One of the reasons why the GDPR has caused such a stir, is that it not only creates tighter data protection obligations but the penalties for breaching the provisions have also been bolstered markedly.
The UK Information Commissioner, Elizabeth Denham, has made it clear that the regulator will not be seeking to punish businesses for minor transgressions immediately. Rather, she sees data protection as an evolutionary process where businesses that are moving towards compliance and raising the general standards of data protection will be treated sympathetically and with a proportionate response in the event of a breach of the rules.
If you are taking your GDPR obligations seriously and working towards compliance then you need not fear the regulator coming down on you. Those who are wilfully ignorant, deliberately disregarding or negligent of their data protection obligations however should feel slightly more uneasy.
If you, like many, are unsure of the steps to take towards compliance then the following check-list will assist:
- Consider and document your lawful grounds for processing personal data.
- Consider and update your privacy notices.
- Identify, draft and implement the necessary policies (both internally and externally).
- Review your data processing agreements.
- Establish a lawful gateway for international data transfers.
- Develop mandatory breach notification procedures.
- Develop procedures to observe new and enhanced individual’s rights.
- Designate a privacy officer / data protection officer.
- Maintain adequate records.
- Contact a legal professional to review your GDPR compliance.
Events series: Spotlight on GDPR
We are running a series of events during 2018 to help our clients better understand particular issues under the GDPR. The first, 'Dealing with subject access and other subject rights' is scheduled for 3 July 2018. Please email our events team if you are interested in attending this seminar.
For more information, please contact Jonathan McDonald or Harry Taylor.
Our thinking
Gareth Mills
Charles Russell Speechlys sponsors the Gulf Data Centre Association
“We are excited to be supporting the newly formed Gulf Data Centre Association (GDCA). "
Paul Stone
The Financial Times quotes Paul Stone on Ofcom's probe into competition and big tech in the cloud market
"The probe may act as a catalyst for a full-blown market investigation..."
Sara Sheffield
The Virtual Currency Regulation Review
Virtual Currency Regulation in the UAE
Paul Stone
Paul Stone provides comment for City AM on the record fine against Google over Android phones
"This decision is a symbolic victory”
Paul Stone
City AM quotes Paul Stone on the lawsuit facing Google re: anticompetitive conduct in the digital advertising market
"the lawsuits are a 'mirror image' of ongoing investigations by the CMA..."
Aileen Johnson
Charles Russell Speechlys shortlisted for FT Innovative Lawyers Europe 2022 Award
Charles Russell Speechlys shortlisted for FT Innovative Lawyers Europe 2022 Award
Jamie Cartwright
The Grocer quotes Jamie Cartwright on the Celia Marsh inquest and allergen action
“Natasha’s Law responded to a perceived lack of accessible information on ingredients for consumers on the product itself..."
Lesley O’Leary
Lesley O'Leary writes for The Law Society Gazette on law firm strategy
‘You need to have a frank discussion about the things that matter to clients’
Megan Paul
Megan Paul writes for People Management on how business can help stamp out modern slavery in its supply chains
Stamping out modern slavery: how can HR help?
Gareth Mills
Technology Disputes Bahrain
Gareth Mills writes for Lexology GTDT on Technology Disputes in Bahrain
Penelope Byatt
The Telegraph quotes Penelope Byatt on the proposed sale of the Trevalga estate
“Many charities do carry on for hundreds of years ... They’re not subjected to this requirement"
Thanos Karvelis
ICLG - International Arbitration 2022
Practical cross-border insights into international arbitration work
Ilona Bateson
Top of the corporate agenda: modern slavery failings and mandatory supply chain disclosures
The Financial Reporting Council Lab has gone live with two new publications, signalling a market shift on supply chain issues.
Mark Howard
IT Pro quotes Mark Howard on investment in UK tech start-ups
"The UK has the strongest venture and growth capital funding ecosystem in Europe.”
Chris Haywood
Chris Haywood writes for The Oath on the impact of Dubai's new Virtual Asset Law on NFTs and the metaverse
A future-ready framework?
Darren Bailey
The Financial Times quotes Darren Bailey on the European Super League and the landmark case at the ECJ
“A win for the clubs may well lead to a far more fragmented football landscape"
Nic Couchman
Charles Russell Speechlys advises Fresh Air Festival on the Bangkok Century Cup 2022
Charles Russell Speechlys advises Fresh Air Festival on the Bangkok Century Cup 2022
Rudy Capildeo
Art Net quotes Rudy Capildeo on a new legislative change re: criminal damage to memorials
“A political judgement appears to be being placed on the content of the graffiti rather than the act of vandalism itself.”
Emma Humphreys
Property Week quotes Emma Humphreys on the Electronic Communications Code
Judgment on telephone masts clarifies the rights of landowners
Darren Bailey
City AM quotes Darren Bailey on the European Super League and the upcoming hearing at the ECJ
“The ramifications of the ECJ judgment for the future shape of football… cannot be underestimated".