Handley Gill
LEGAL, REGULATORY & COMPLIANCE CONSULTANTS

Handley Gill Limited

Our expert consultants at Handley Gill share their knowledge and advice on emerging data protection, privacy, content regulation, reputation management, cyber security, and information access issues in our blog.

Posts tagged DATA SUBJECT ACCESS REQUEST
A paradox of choice
A paradox of choice

Handley Gill Limited’s specialist consultants unpack the recent High Court decision in Harrison v (1) Cameron & (2) Alasdair Cameron Limited [2024] EWHC 1377 (KB), in which the High Court determined that data controllers responding to data subject access requests (DSARs) are obliged to disclose the specific identities of recipients of personal data, and are not permitted to merely disclose categories of recipient unless exceptions or exemptions apply.

Read More
Nicola CainData Protection, PERSONAL DATA, UK GDPR, GDPR, General Data Protection Regulation, UK GENERAL DATA PROTECTION REGULATION, Article 15 UK GDPR, Article 15 GDPR, Data Subject Rights, DATA SUBJECT ACCESS REQUEST, DSAR, C-154/21, BREXIT, European Union (Withdrawal) Act 2018, Section 6 European Union (Withdrawal) Act 2018, S.6 European Union (Withdrawal) Act 2018, Austrian Post, C-154/21 RW v Osterreichische Post AG, Harrison v Cameron & Alasdair Cameron Limited [2024] EWHC 1377 KB, Data SharingComment
Right my wrongs
Right my wrongs

As the Information Commissioner’s Office conducts the fourth part of its consultation on generative AI and data protection focusing on data subject rights, ‘engineering individual rights into generative AI models’, Handley Gill’s specialist data protection and artificial intelligence (AI) consultants comment on the issues arising and share their consultation response, as well as highlighting areas not currently addressed in the draft guidance.

Read More
Nicola CainData Protection, PERSONAL DATA, Data Privacy, UK GDPR, GDPR, UK GENERAL DATA PROTECTION REGULATION, General Data Protection Regulation, Information Commissioner, Information Commissioner's Office, ICO, Data Subject Rights, SUBJECT ACCESS REQUEST, DATA SUBJECT ACCESS REQUEST, Data Subject Rights Request, Article 12 UK GDPR, ARTICLE 12(5) UK GDPR, Article 12 GDPR, Article 12(5) GDPR, Article 13 UK GDPR, Article 13 GDPR, Article 14 UK GDPR, Article 14 GDPR, Article 14(5)(b) UK GDPR, Article 14(5)(b) GDPR, Article 15 UK GDPR, Article 15 GDPR, Article 16 UK GDPR, Article 16 GDPR, Right to Rectification, Article 17 UK GDPR, Article 17 GDPR, Right to Erasure, Right to be Forgotten, RTBF, Article 18 UK GDPR, Article 18 GDPR, Right to restriction of processing, Article 19 UK GDPR, Article 19 GDPR, Consultation, Consultation Response, Artificial Intelligence, AI, Generative AI, Generative Artificial Intelligence, Web Scraping, AI Training, AI Training Data, AI Transparency, AI Regulation, Generative AI & Data Protection, Engineering Individual Rights into Generative AI Models, Privacy Notice, Privacy PolicyComment
On Hand July 2023
On Hand July 2023

July 2023 edition of Handley Gill’s monthly digital newsletter, with all the latest developments in data protection (UK, EU and global), cyber security, AI and machine learning, content regulation, open justice, access to information, reputation management and digital markets regulation. Presented in a readily digestible digital format, those who prefer the traditional newsletter format can export the newsletter to pdf.

Read More
Nicola CainData Protection, PERSONAL DATA, UK GDPR, UK GENERAL DATA PROTECTION REGULATION, GDPR, General Data Protection Regulation, Regulation (EU) 2016/679, Cyber Security, CONTENT REGULATION, Content Moderation, Reputation Management, Libel, Slander, Open Justice, Malicious Falsehood, Misuse of Private Information, Privacy, Data Privacy, AI, Artificial Intelligence, Digital Markets Regulation, Access to Information, Freedom of Information Act 2000, Adequacy Decision, US Adequacy Decision, EU-US Data Privacy Framework, Trans-Atlantic EU-US Data Privacy Framework, Trans-Atlantic Data Privacy Framework, Freedom of Expression, Free Speech, Freedom of Speech, Information Commissioner, Special Purposes, Special Purposes Processing, Journalism, Journalism Code, Journalism Exemption, Data protection and journalism code, Facial Recognition, Right to be Forgotten, CBPR Form, Global Cross Border Privacy Rules Forum, Pornography, Surveillance, Biometrics Commissioner, Surveillance Camera Commissioner, Digital Markets Act, Data Subject Rights, DATA SUBJECT ACCESS REQUEST, DSAR, SAR, Retained EU Law, Human Rights, European Convention on Human Rights, Article 8 European Convention on Human Rights, Article 10 European Convention on Human RightsComment
So you’ve been debanked…
So you’ve been debanked…

Handley Gill’s data protection consultants consider the implications of the data subject access request (DSAR) submitted by Nigel Farage in the context of his de-banking dispute with Coutts & Co and its parent company Natwest, and advise how individuals can make a data subject access request (DSAR).

Read More
Nicola CainData Protection, Personal Data, GDPR, UK GDPR, General Data Protection Regulation, UK GENERAL DATA PROTECTION REGULATION, DATA PROTECTION ACT 2018, Article 15 GDPR, Article 15 UK GDPR, DATA SUBJECT ACCESS REQUEST, DSAR, SAR, Subject Access Request, Retained EU Law, Data Protection & Digital Information (No.2) Bill, Data Protection & Digital Information Bill, Data Protection Reform, Nigel Farage, Coutts & Co, Natwest, Alison Rose, Information Commissioner, Information Commissioner's Office, Data Regulation, Data enforcement, Financial Conduct Authority, FCA, ICO, AML, Anti-Money Laundering, Know Your Customer, KYC, Banking, Financial Services, Data Processing, SPECIAL CATEGORY PERSONAL DATA, Political Opinions, Religious or Philosophical Beliefs, Article 9 UK GDPR, Article 9 GDPR, Peter Flavel, Politically Exposed Person, PEP, Money Laundering Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017, Money Laundering Regulations, (SI 2017/692), Freedom of Expression, Free Speech, Financial Services and Markets Act 2023, HM Treasury, Freedom of Speech, Discrimination, Protected Characteristics, Religion or Belief, Data Subject Rights, Data Subject Access Request, Retained EU Law (Revocation and Reform) BillComment
New and improved?
New and improved?

The Second Reading of, and first chance for Parliament to debate, the government’s second attempt to reform the UK’s data protection legislation, in what it has described as the “improved” and “common-sense-led” Data Protection and Digital Information (No.2) Bill (Bill 265 2022-23) takes place on 17 April 2023. Handley Gill’s specialist data protection consultants consider its impact on the UK’s existing data protection legislation and identify amendments that would improve the Bill.

Read More
Nicola CainData Protection, Personal Data, GDPR, UK GDPR, Data Protection Act 2018, Data Protection Reform, PECR, DPA 2018, Privacy and Electronic Communications Regulations, Data Reform Bill, Data Protection and Digital Information Bill, Data Protection and Digital Information (No. 2) Bill, Bill 265 2022-23, DPDI Bill, Data: A New Direction, DPDI2 Bill, Bill 143 2022-23, General Data Protection Regulation, UK GENERAL DATA PROTECTION REGULATION, DPDI(2) Bill, DPDI (No.2) Bill, Information Commissioner, Information Commission, Supervisory Authority, Department for Culture Media & Sport, Department for Science Technology & Innovation, Department for Science Innnovation & Technology, Department for Science Innovation & Technology, Brexit, Innovation, Code of Practice, Statutory Code of Practice, DATA SUBJECT ACCESS REQUEST, Data Subject Rights, Vexatious or excessive, Approved person, Data subject complaint, Data controller complaint, Statement of Strategic Priorities, Enforcement, Regulatory Enforcement, Interview notices, First Tier Tribunal (Information Rights), Notice of Intent, Monetary Penalty Notice, Definition of personal data, Data Controller, Data ProcessorComment
Pile Up Ahead?
Pile Up Ahead?

Handley Gill comments on the Government’s response to the ‘Data: A New Direction’ consultation, which previews the content of the forthcoming Data Reform Bill, and identifies other issues which would merit being addressed in the proposed legislation.

Read More
Nicola CainHandley Gill LimitedPERSONAL DATA, UK GDPR, UK GENERAL DATA PROTECTION REGULATION, DATA PROTECTION ACT 2018, DPA 2018, PECR, PRIVACY AND ELECTRONIC COMMUNICATIONS REGULATIONS, DATA: A NEW DIRECTION, DATA PROTECTION REFORM, BREXIT, NATIONAL DATA STRATEGY, CONVENTION FOR THE PROTECTION OF INDIVIDUALS WITH REGARD TO AUTOMATIC PROCESSING OF PERSONAL DATA, POLITICAL PROCESSING, ARTICLE 6 UK GDPR, SPECIAL CATEGORY PERSONAL DATA, SCHEDULE 1 DATA PROTECTION ACT 2018, ANONYMITY, ANONYMOUS DATA, ARTICLE 4(1) UK GDPR, THE COUNCIL OF EUROPE’S CONVENTION 108, THE COUNCIL OF EUROPE CONVENTION 108, PRIVACY MANAGEMENT PROGRAMME, DATA PROTECTION OFFICER, ARTICLE 37 UK GDPR, DATA PROTECTION IMPACT ASSESSMENT, DPIA, ARTICLE 35 UK GDPR, ARTICLE 30 UK GDPR, RECORDS OF PROCESSING ACTIVITIES, ARTICLE 36 UK GDPR, PRIOR CONSULTATION, ARTICLE 12(5) UK GDPR, MANIFESTLY UNFOUNDED OR EXCESSIVE, VEXATIOUS OR EXCESSIVE, ARTICLE 45(2) UK GDPR, INTERNATIONAL DATA TRANSFERS, ADEQUACY DECISION, S.17B(1) DATA PROTECTION ACT 2018, COOKIES, COOKIE CONSENT, REGULATION 6 PRIVACY AND ELECTRONIC COMMUNICATIONS REGULATIONS, REGULATION 22(2) PRIVACY AND ELECTRONIC COMMUNICATIONS REGULATIONS, SOFT OPT-IN, MARKETING, INFORMATION COMMISSIONER, EXPERT PANEL, ENFORCEMENT, MONETARY PENALTY NOTICE, ARTICLE 15 UK GDPR, DATA SUBJECT ACCESS REQUEST, SUBJECT ACCESS REQUEST, BILL OF RIGHTS, EUROPEAN COURT OF HUMAN RIGHTS, UK SUPREME COURT, SUPREME COURT, EUROPEAN COMMISSION, COMMISSION IMPLEMENTING DECISION C(2021) 4800, Data Protection & Digital Information BillComment