Now you see me...

As police forces are encouraged by the government to expand their use of live facial recognition technologies, with the Prime Minister announcing additional funding, Handley Gill Limited’s specialist consultants consider the legal issues that arise and the actions that Chief Constables and forces must take prior to deploying or even procuring LFR for law enforcement purposes.

Nicola Cain15 April 2024Data Protection, Personal Data, Part 3 DPA 2018, Part 3 Data Protection Act 2018, Law Enforcement, Law Enforcement Processing, Police, Policing, Biometric data, Biometric Processing, Sensitive Processing, Human Rights, DATA PROTECTION ACT 2018, Human Rights Act 1998, Article 8, Article 8 ECHR, Article 8 European Convention on Human Rights, Article 14 ECHR, Article 14 European Convention on Human Rights, Facial Recognition, Live Facial Recognition, LFR, Public Sector Equality Duty, PSED, Discrimination, Bias, Surveillance, Surveillance Camera Commissioner, Biometrics Commissioner, Data protection impact assessment, DPIA, Appropriate Policy Document, Equality Impact Assessment, Community Impact Assessment, Human Rights Impact Assessment, Cyber Security Risk Assessment, Integrated Impact Assessment, Model Card, Algorithmic Impact Assessment, Algorithmic Transparency Report, Algorithmic Transparency, Data Processing Agreement, Data Sharing Agreement, Joint Controller Agreement, Privacy Policy, Privacy Notice, House of Lords Justice & Home Affairs CommitteeComment

Commended

Team at Handley Gill Limited receive an award commending the legal services provide to its client, the City of London Corporation acting in its capacity as police authority for the City of London Police in connection with the National Police Chiefs’ Council’s (NPCC’s) National Cybercrime Programme, which the City hosts.

Non-sequitur

Handley Gill’s specialist data protection consultants consider the conclusions and implications of the College of Policing’s review of Lancashire Constabulary’s handling of the investigation into the disappearance of Nicola Bulley for the processing of personal data for law enforcement purposes by police forces and other competent authorities under Part 3 Data Protection Act 2018.

PSNI Blues

Reflecting on the reprimand issued by the Information Commissioner against the Police Service of Northern Ireland (PSNI) for unlawfully transferring personal data processed for the law enforcement purposes under Part 3 Data Protection Act 2018 to the USA, Handley Gill’s consultants identify the elements of a compliance programme that would mitigate against such incidents and have produced a downloadable pdf illustrating each lawful basis for transferring personal data processed under Part 3 DPA 2018 overseas.

Who's Under Investigation?

The Information Commissioner recently published an opinion, 'Who’s Under Investigation? The processing of victims’ personal data in rape and serious sexual offence investigations', which calls on the police, CPS and other prosecution agencies to overhaul their approach to the obtaining and retention of victim personal data.

Nicola Cain13 June 2022Data Protection, Personal Data, Data Protection Act 2018, Part 3 Data Protection Act 2018, Law enforcement processing, Information Commissioner, Police, Training, Consent, Lawful Basis for Processing, Criminal Justice System, Victims, Witnesses, Law EnforcementComment

Too Many Phish in the Sea!

DCMS has recently published its Cyber Security Breaches Survey 2022, based on data gathered by IPSOS MORI over winter 2021/22, which reveals that businesses and charities continue to be under prepared to respond to inevitable cyber security incidents and data breaches.

In this post, we highlight some of the key findings of the survey and identify advice, guidance and free solutions to common cyber resilience shortcomings.

Protective MeasuresNicola Cain17 April 2022Handley Gill Limited#CyberSecurity, #DataBreach, #CyberAttack, #Phishing, #Ransomware, #GDPR, #UKGDPR, #DPA2018, #DCMS, #CyberSecurityBreachesSurvey, #CyberSecurityBreachesSurvey2022, #DataBreachStatistics, #Malware, #CyberResilience, #CyberInsurance, #IncidentResponse, #CyberSecurityIncident, #DataBreachResponse, #SMEs, #Charities, #Business, #Charity, #Retail, #Education, #NCSC, #PoliceCyberAlarm, #NPCC, #LawEnforcement, #ActionFraud, #Police, #Sanctions, #SupplyChainRisk, #ThirdPartyRisk, #Training, #Logging, #TechnicalAndOrganisationalMeasures, #Penalties, #Article28, #Article32, #DataProtection, #Compliance, #SupplyChainSecurity, #CyberSecurityStrategy, #IncidentResponsePlan, #Trustees, #BusinessContinuity, #DisasterRecovery, #DataBreachReporting, #CyberCover, #IncidentReporting, #CSuite, Cyber Security, DCMS, Ransomware, Data Breach, Supply Chain Risk, Directors, Law Enforcement, Police, NCSC, National Cyber Security Centre, Cyber Attack, GDPR, UK GDPR, General Data Protection Regulation, DPA 2018, Data Protection Act 2018, Department for Culture, Cyber Security Breaches Survey, Cyber Security Breaches Survey 2022, Data Breach Statistics, Malware, Cyber Resilience, Cyber Insurance, Incident Response, Cyber Security Incident, Data Breach Response, SMEs, Micro Businesses, Charities, Start Ups, Retail, Education, Police CyberAlarm, NPCC, National Police Chiefs' Council, Action Fraud, Information Security, Cyber Crime, Sanctions, Third Party Risk, Training, Logging, Technical & Organisational Measures, Protective Measures, Costs, Fines, Administrative fine, Penalties, Monetary penalty, Data Protection, Article 28 GDPR, Article 32 GDPR, Article 28 UK GDPR, Article 32 UK GDPR, Compliance, Cyber Griffin, Cyber Essentials, Supply Chain Security, Cyber Security Strategy, Incident Response Plan, Breach Response Plan, Data breach costs, Trustees, Business Continuity, Disaster Recovery, Data Breach Reporting, Cyber Insurance Cover, Incident Reporting, C Suite, Data Controller, Data ProcessorComment