All you need to know about the General Data Protection Regulation (GDPR) (2016/679) News

EU plans risk-based artificial intelligence regulation
The European Commission recently published its proposal for the regulation of artificial intelligence, or AI, (Regulation) which will subject high-risk AI systems to strict obligations before being put on the market and has the potential for steep fines. Despite the UK’s departure from the EU, the Regulation is significant and its extra-territorial reach means many UK-based businesses stand to be affected.
A welcome step towards certainty for businesses transferring data from the EU to the UK
The European Commission has published its draft adequacy decision in respect of the UK, which is an important step towards the continued free flow of personal data from the EEA to the UK. Amir Kousari, Senior Associate and data protection expert at tech law firm Boyes Turner explains the implications.
Tweeting Tardy: Twitter fined $500,000 for GDPR breach
Twitter’s recent $500,000 fine for breaching data protection laws provides lessons for businesses of all sizes, Jemille Gibson and Mark Blunden talk us through what this means...
Will the Pips Tweet?
On 10 November 2020, the European Data Protection Board (EDPB), issued a press release noting that it had issued its first Article 65 decision under the General Data Protection Regulation (GDPR), against Twitter. At the time of writing, this is all we know.
Coronavirus (COVID-19) Message for our clients
As the coronavirus continues to create significant challenges for families and businesses, we want to reassure our clients of the steps that Boyes Turner have taken in order to continue to provide a high level of client service.
New Year, new data protection! 
1 January 2020 saw the introduction of the California Consumer Protection Act, a new data protection law in California, the toughest data privacy law in the US to date. 
Marriott faces £99 million GDPR fine
The Information Commissioner’s Office (ICO) spent the summer flexing its newly acquired GDPR muscles, with one of its primary targets, Marriott International Inc. (“Marriott”) subject to an intention to fine notice of £99,200,396 for infringements of the regulation.
Marriott and BA fined by ICO – what the message is:
There was a naïve hope that the ICO would approach enforcing the new GDPR as gently as it had initially approached the same under the DPA, way back in 1998; some gentle fines and reminders to comply with the law, but basically, as long as you “had a go”, tried to comply, that would be acceptable. 
GDPR – a Year in Review 
This time last year, the General Data Protection Regulation (GDPR) took effect. Since then, it has undoubtedly been the busiest year to date in data protection compliance. Official figures from the International Association of Privacy Professionals show 375,000 newly registered Data Protection Officers, 280,000 new cases referred to regulators and $56,000,000 worth of fines issued in enforcement actions. 
Can an organisation be liable for a GDPR breach by a disgruntled employee?
Breaches of GDPR could give rise to claims by those whose data has been misused, but can an organisation still be liable for breaches which occur as a result of the malicious actions of a disgruntled employee? Who ultimately holds responsibility for ensuring adherence to the Regulation?

award winning law firm

Boyes Turner are proud to have received the following awards and recognition.