Handley Gill
LEGAL, REGULATORY & COMPLIANCE CONSULTANTS

Handley Gill Limited

Our expert consultants at Handley Gill share their knowledge and advice on emerging data protection, privacy, content regulation, reputation management, cyber security, and information access issues in our blog.

Posts tagged Regulatory Action Policy
Regulation regeneration?
Regulation regeneration?

Handley Gill’s consultants respond to the Department for Business and Trade’s consultation on ‘Smarter Regulation and the Regulatory Landscape’, drawing on their experience of advising and representing individuals and regulated entities on data protection, online safety, content regulation, AI, human rights and ESG issues before regulators including the Information Commissioner’s Office, Ofcom and the Competition and Markets Authority (CMA).

Read More
Nicola CainDepartment for Business and Trade, Regulation, Regulatory Enforcement, Smarter Regulation, Smarter Regulation and the Regulatory Landscape, Information Commissioner, Information Commissioner's Office, OFCOM, Competition and Markets Authority, Consultation, Consultation Response, Regulatory Action Policy, Data Protection, Data Protection Regulation, Data Protection Enforcement, Online Safety, Online Harms, Broadcasting Regulation, CONTENT REGULATION, AI, Artificial Intelligence, AI Regulation, Human Rights, ESGComment
It’s a fine life
It’s a fine life

Handley Gill’s specialist data protection consultants respond to the Information Commissioner’s consultation on its draft Data Protection Fining Guidance, which will replace relevant parts of its Regulatory Action Policy (2018) relating to when the issue of a monetary penalty notice is appropriate and the approach to calculating any fine.  

Read More
Nicola CainData Protection, UK GDPR, UK GENERAL DATA PROTECTION REGULATION, DPA 2018, DATA PROTECTION ACT 2018, Data enforcement, Penalty Notice, Monetary Penalty Notice, MPN, Administrative fine, Regulatory Action Policy, Regulatory Enforcement, Article 83 UK GDPR, Section 155 Data Protection Act 2018, S.155 DP 2018, Consultation Response, Data Protection Fining Guidance, Information Commissioner, Information Commissioner's Office, ICO, Undertaking, Data Protection Harms, ICO Taxonomy of Data Protection Harms, ConsultationComment
CrapITa
CrapITa

Handley Gill’s data protection consultants consider recent supply chain cyber attacks, including the unfolding of the recent Capita and Zellis / MOVEit data breaches, and identify the steps data controllers should take when engaging data processors as part of their supply chain or giving third parties access to personal data, and the lessons to be learned for vendor management throughout the data processing lifecycle.

Read More
Nicola CainData Protection, Personal Data, Information Security, Cyber Security, Cyber Resilience, Cyber Attack, Data Breach, Supply Chain Risk, Supply Chain Security, Vendor Management, Capita, UK GDPR, UK GENERAL DATA PROTECTION REGULATION, DATA PROTECTION ACT 2018, Information Commissioner, Information Commissioner's Office, ICO, Pensions Regulator, Financial Conduct Authority, FCA, Data subjects, Compensation, Data litigation, Ransom, Ransom Payment, Department for Science Innovation & Technology, DSIT, Cyber Security Breaches Survey 2023, Article 25(1) UK GDPR, Article 25(1) GDPR, Data Controller, Data Processor, Data Processing Agreement, DPA, Data Processing, Article 28 GDPR, Article 28 UK GDPR, Article 32 GDPR, Article 32 UK GDPR, Cyber Insurance, Cyber Insurance Cover, Liability, Data protection impact assessment, DPIA, Administrative fine, Monetary penalty, Article 82(3) UK GDPR, Article 82(3) GDPR, Regulatory Action Policy, Article 33 UK GDPR, Article 33 GDPR, Article 34 UK GDPR, Data Breach Notification, Breach Response Plan, Incident Response Plan, Injunction, Injunctive Relief, Article 82 GDPR, Article 82 UK GDPR, CVE-2023-34362Comment
B.A. B.A. Black Sheep Returns to the Fold
B.A. B.A. Black Sheep Returns to the Fold

British Airways settles data breach group litigation compensation claims, concluding legal and regulatory proceedings following criminal hack

Read More
Nicola CainData Protection Act 2018, GDPR, General Data Protection Regulation, Data Breach, Hack, Data enforcement, Data regulation, Data litigation, Data protection, Lead supervisory authority, ICO, Data controller, Monetary penalty, Administrative fine, Article 83 GDPR, Article 82 GDPR, Compensation, Regulatory Action Policy, TLT & others v Secretary of State for the Home Department & another [2016] EWHC 2217 (QB), Lloyd v Google LLC [2019] EWCA Civ 1599, Data breach costs, Costs, Group litigation, British Airways Data Event Group Litigation, Weaver & others v British Airways plc [2021] EWHC 217 (QB), Weaver & others v British Airways plc [2021] EWHC 520 (QB), Cyber Security, Technical and organisational measures, Article 24 GDPRComment