Handley Gill
LEGAL, REGULATORY & COMPLIANCE CONSULTANTS

Handley Gill Limited

Our expert consultants at Handley Gill share their knowledge and advice on emerging data protection, privacy, content regulation, reputation management, cyber security, and information access issues in our blog.

Posts tagged Data Sharing
#DPPC24
#DPPC24

If you couldn’t make it to the Information Commissioner's Office's (ICO's) Data Protection Practitioners' Conference 2024 (DPPC24), missed a session, were double-booked, couldn’t choose or want to delve deeper into the issues raised by any of the following sessions, Handley Gill's specialist data protection consultants highlight our related content.

Read More
Nicola CainData Protection, Data Protection Practitioners' Conference, DPPC, DPPC24, DPPC 2024, Information Commissioner, Information Commissioner's Office, Artificial Intelligence, AI, SUBJECT ACCESS REQUEST, DATA SUBJECT ACCESS REQUEST, Data Subject Rights, Data Transfer, Restricted Data Transfer, International data transfers, US Data Transfers, Data Breach, Data Breach Response, Incident Response, Supply Chain Risk, Employee Monitoring, Employment Law, Data Sharing, UK GDPR, DATA PROTECTION ACT 2018, DPA 2018Comment
You Shall EU
You Shall EU

Handley Gill's specialist data protection consultants consider the status of CJEU judgments in UK law after the Labour government intervened to prevent section 6 Retained EU Law (Revocation and Reform) Act 2023 from coming into force and amending the European Union (Withdrawal) Act 2018, and consider several CJEU judgments addressing the processing of special category personal data, the interaction between data protection and competition law, the conduct and balancing of legitimate interests assessments, data minimisation and the status of supervisory authority decisions.

Read More
Nicola CainData Protection, GDPR, EU GDPR, General Data Protection Regulation, Regulation (EU) 2016/679, UK GDPR, UK GENERAL DATA PROTECTION REGULATION, Retained EU Law, Retained EU Law (Revocation and Reform) Act 2023, European Union (Withdrawal) Act 2018, Section 6 European Union (Withdrawal) Act 2018, section 6 Retained EU Law (Revocation and Reform) Act 2023, Assimilated Law, BREXIT, CJEU, Data Controller, Data Minimisation, Supervisory Authority, Health Data, Article 9(1) GDPR, Article 9 GDPR, Article 9 UK GDPR, Article 9(1) UK GDPR, Legitimate Interests, Legitimate Interests Assessment, LIA, Article 6(1)(f) UK GDPR, Article 6(1)(f) GDPR, Commercial Interests, Advertising, MARKETING, Targeted Advertising, Behavioural Advertising, Personalised Advertising, Data Sharing, Necessity, C-446/21, C-621/22, C-21/23, C-200/23, SPECIAL CATEGORY PERSONAL DATA, Special Category Data, Sexual Orientation, Article 9(2)(a) GDPR, Article 9(2)(a) UK GDPR, Article 9(2)(e) GDPR, Article 9(2)(e) UK GDPR, Article 5(1)(c) GDPR, Article 5(1)(c) UK GDPR, Data Retention, C-507/23, Compensation, Damages, Article 82 GDPR, Article 82(1) GDPR, ApologyComment
A problem shared...
A problem shared...

As Iceland boss Richard Walker decried data protection and human rights laws for allegedly preventing him and his staff from sharing information with other retailers in order tackle the scourge of shoplifting, Handley Gill’s specialist data protection consultants consider how these and other laws apply to retailers and shopping centre operators and identify the steps retailers can take to lawfully share personal data for the purposes of preventing or detecting crime.

Read More
Nicola CainData Protection, Personal Data, GDPR, General Data Protection Regulation, Regulation (EU) 2016/679, UK GDPR, UK GENERAL DATA PROTECTION REGULATION, Data Controller, Data Sharing, Data Sharing Agreement, Criminal Conviction & Offence Data, Article 10 UK GDPR, Section 11 Data Protection Act 2018, s.11 DPA 2018, Section 11(2) Data Protection Act 2018, s.11(2) DPA 2018, Section 10 Data Protection Act 2018, S.10 DPA 2018, Section 10(5) Data Protection Act 2018, s.10(5) DPA 2018, Retail, Retail Crime, Theft, Shoplifting, Data Protection Offences, Data protection impact assessment, DPIA, Appropriate Policy Document, Schedule 1 Data Protection Act 2018, Public Domain, Manifestly Made Public, NT1 & NT2 v Google LLC [2018] EWHC 799 (QB), Data Privacy, Misuse of Private Information, Article 8 ECHR, Article 8 European Convention on Human Rights, Rehabilitation of Offenders Act 1974, Retention Schedule, Data Retention, Section 170 Data Protection Act 2018, Prevention or detection of crime, Crime prevention, Crime detection, Human Rights Act 1998, Reputation Management, Defamation, Libel, SlanderComment
A paradox of choice
A paradox of choice

Handley Gill Limited’s specialist consultants unpack the recent High Court decision in Harrison v (1) Cameron & (2) Alasdair Cameron Limited [2024] EWHC 1377 (KB), in which the High Court determined that data controllers responding to data subject access requests (DSARs) are obliged to disclose the specific identities of recipients of personal data, and are not permitted to merely disclose categories of recipient unless exceptions or exemptions apply.

Read More
Nicola CainData Protection, PERSONAL DATA, UK GDPR, GDPR, General Data Protection Regulation, UK GENERAL DATA PROTECTION REGULATION, Article 15 UK GDPR, Article 15 GDPR, Data Subject Rights, DATA SUBJECT ACCESS REQUEST, DSAR, C-154/21, BREXIT, European Union (Withdrawal) Act 2018, Section 6 European Union (Withdrawal) Act 2018, S.6 European Union (Withdrawal) Act 2018, Austrian Post, C-154/21 RW v Osterreichische Post AG, Harrison v Cameron & Alasdair Cameron Limited [2024] EWHC 1377 KB, Data SharingComment
U-turn?
U-turn?

Handley Gill summarises the Government's publication of its response to the ‘Data: A New Direction’ consultation, previewing the content of the forthcoming Data Reform Bill, which was proposed in ‘The Benefits of Brexit’ policy paper and formally announced in the Queen’s Speech 2022.

Read More
Nicola CainPersonal Data, UK GDPR, UK General Data Protection Regulation, Data Protection Act 2018, DPA 2018, PECR, Privacy and Electronic Communications Regulations, Data: A New Direction, Data Protection Reform, BREXIT, National Data Strategy, Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, Article 89 UK GDPR, Recital 159 UK GDPR, Recital 33 UK GDPR, Article 14 UK GDPR, Recital 62 UK GDPR, Disproportionate effort, Article 6(1)(f) UK GDPR, Political processing, Article 6 UK GDPR, Special Category Personal Data, Schedule 1 Data Protection Act 2018, Anonymity, Anonymous Data, Article 4(1) UK GDPR, the Council of Europe’s Convention 108, the Council of Europe Convention 108, Privacy management programme, Data Protection Officer, Article 37 UK GDPR, Data Protection Impact Assessment, DPIA, Article 35 UK GDPR, Article 30 UK GDPR, Records of Processing Activities, Article 36 UK GDPR, Prior Consultation, Article 12(5) UK GDPR, Manifestly Unfounded or Excessive, Article 45(2) UK GDPR, International data transfers, Adequacy Decision, s.17B(1) Data Protection Act 2018, Alternative Transfer Mechanisms, Article 46 UK GDPR, Law enforcement processing, Part 3 Data Protection Act 2018, Part 4 Data Protection Act 2018, Cookie Consent, Regulation 6 Privacy and Electronic Communications Regulations, Regulation 22(2) Privacy and Electronic Communications Regulations, Soft Opt-In, Marketing, Regulatory Enforcement, Information Commissioner, Statutory Duties, Statement of Strategic Priorities, Expert Panel, Technical Reports, Notice of Intent, Final Penalty Notice, AI, Artificial Intelligence, Article 22 UK GDPR, Automated Processing, Voluntary Undertakings, Data Breach Reporting, Article 33 UK GDPR, Article 15 UK GDPR, Data Subject Access Request, Reverse Transfers, Article 49 UK GDPR, Derogations, s.35 Digital Economy Act 2017, Data Sharing, Algorithm Transparency, Schedule 1 Part 2 Data Protection Act 2018, Substantial Public Interest, Biometric Data, Impact Assessments, Legitimate Interests Assessment, Biometrics Commissioner, Smart Data Schemes, Data Intermediaries, Article 46(2)(f) UK GDPR, Certification Regime, Surveillance Camera Commissioner, Schedule 16 paragraph 2(2) Data Protection Act 2018, Data Protection & Digital Information BillComment