Handley Gill
LEGAL, REGULATORY & COMPLIANCE CONSULTANTS

Handley Gill Limited

Our expert consultants at Handley Gill share their knowledge and advice on emerging data protection, privacy, content regulation, reputation management, cyber security, and information access issues in our blog.

Exclusive: Information Commissioner’s Office kisses source protection goodbye
Exclusive: Information Commissioner’s Office kisses source protection goodbye

Exclusive: Information Commissioner’s Office breached obligations when targeting journalists’ sources by conducting raids over Hancock snog CCTV footage

Read More
EnforcementNicola CainData Protection, Personal Data, Data Protection Act 2018, DPA 2018, Data Offences, Data Protection Offences, Data Protection Enforcement, Law Enforcement, Journalism, Special Purposes, Schedule 2 Part 5 Data Protection Act 2018, Journalistic Source, Confidential Source, Source Protection, Unlawful Disclosure, s.170 Data Protection Act 2018, Search Warrant, Schedule 15 Data Protection Act 2018, Data Breach, Unlawful processing, Information Commissioner, Whistleblowing, Freedom of Expression, Article 10 European Convention on Human Rights, Human Rights Act 1998, Police and Criminal Evidence Act 1984, Data Reform Bill, Journalism CodeComment
Taking a wrong turn? Government pursues data protection reform
Taking a wrong turn? Government pursues data protection reform

The Government has today (10 May 2022) announced in the Queen’s Speech that further to its consultation ‘Data: A New Direction’ it will bring forward legislation in this Parliamentary session to reform the UK’s data protection law (the UK GDPR, Data Protection Act 2018 and Privacy and Electronic Communications Regulations) which has been adopted virtually wholesale from the European General Data Protection Regulation (GDPR).

Read More
Nicola CainData Protection, Personal Data, GDPR, General Data Protection Regulation, UK GDPR, UK General Data Protection Regulation, Data Protection Act 2018, DPA 2018, Privacy and Electronic Communications Regulations, PECR, Data Protection Reform, Data: A New Direction, Brexit, National Data Strategy, 10 Tech Priorities, Cookies, Data Protection Officer, Information Commissioner, International Data Transfers, Records of Processing Activities, Processing for Research Purposes, AI, Artificial Intelligence, Anonymous Data, Data Intermediaries, Data Stewards, Data Protection Impact Assessments, High Risk Processing, Prior Consultation, Data Breaches, Regulatory Enforcement, Voluntary Undertakings, Cookie Consent, Reverse Transfers, Digital Regulation Co-operation Forum, DRCF, Notice of Intent, Final Penalty Notice, Law Enforcement Processing, Part 3 Data Protection Act 2018, Part 4 Data Protection Act 2018, Automated Processing, Data Protection & Digital Information BillComment
Too Many Phish in the Sea!
Too Many Phish in the Sea!

DCMS has recently published its Cyber Security Breaches Survey 2022, based on data gathered by IPSOS MORI over winter 2021/22, which reveals that businesses and charities continue to be under prepared to respond to inevitable cyber security incidents and data breaches.

In this post, we highlight some of the key findings of the survey and identify advice, guidance and free solutions to common cyber resilience shortcomings.

Read More
Protective MeasuresNicola CainHandley Gill Limited#CyberSecurity, #DataBreach, #CyberAttack, #Phishing, #Ransomware, #GDPR, #UKGDPR, #DPA2018, #DCMS, #CyberSecurityBreachesSurvey, #CyberSecurityBreachesSurvey2022, #DataBreachStatistics, #Malware, #CyberResilience, #CyberInsurance, #IncidentResponse, #CyberSecurityIncident, #DataBreachResponse, #SMEs, #Charities, #Business, #Charity, #Retail, #Education, #NCSC, #PoliceCyberAlarm, #NPCC, #LawEnforcement, #ActionFraud, #Police, #Sanctions, #SupplyChainRisk, #ThirdPartyRisk, #Training, #Logging, #TechnicalAndOrganisationalMeasures, #Penalties, #Article28, #Article32, #DataProtection, #Compliance, #SupplyChainSecurity, #CyberSecurityStrategy, #IncidentResponsePlan, #Trustees, #BusinessContinuity, #DisasterRecovery, #DataBreachReporting, #CyberCover, #IncidentReporting, #CSuite, Cyber Security, DCMS, Ransomware, Data Breach, Supply Chain Risk, Directors, Law Enforcement, Police, NCSC, National Cyber Security Centre, Cyber Attack, GDPR, UK GDPR, General Data Protection Regulation, DPA 2018, Data Protection Act 2018, Department for Culture, Cyber Security Breaches Survey, Cyber Security Breaches Survey 2022, Data Breach Statistics, Malware, Cyber Resilience, Cyber Insurance, Incident Response, Cyber Security Incident, Data Breach Response, SMEs, Micro Businesses, Charities, Start Ups, Retail, Education, Police CyberAlarm, NPCC, National Police Chiefs' Council, Action Fraud, Information Security, Cyber Crime, Sanctions, Third Party Risk, Training, Logging, Technical & Organisational Measures, Protective Measures, Costs, Fines, Administrative fine, Penalties, Monetary penalty, Data Protection, Article 28 GDPR, Article 32 GDPR, Article 28 UK GDPR, Article 32 UK GDPR, Compliance, Cyber Griffin, Cyber Essentials, Supply Chain Security, Cyber Security Strategy, Incident Response Plan, Breach Response Plan, Data breach costs, Trustees, Business Continuity, Disaster Recovery, Data Breach Reporting, Cyber Insurance Cover, Incident Reporting, C Suite, Data Controller, Data ProcessorComment
VIG (Very Important Guidance) for VSPs
VIG (Very Important Guidance) for VSPs

Ofcom publishes guidance for UK video sharing platforms (VSPs) on their obligations to protect users from harmful content.

Read More
Nicola CainBREXIT, VSPs, VIDEO SHARING PLATFORMS, VSP FRAMEWORK, OFCOM, CONTENT REGULATION, ONLINE HARMS, ONLINE SAFETY, ONLINE SAFETY BILL, TECH REGULATION, TECHNOLOGY REGULATION, PLATFORM REGULATION, AUDIO VISUAL MEDIA SERVICES, AUDIOVISUAL MEDIA SERVICES, AUDIOVISUAL MEDIA SERVICES DIRECTIVE, AVMS, AVMSD, COMMUNICATIONS ACT 2003, UGC, USER GENERATED CONTENT, CHILDREN, CSAM, CHILD SEXUAL ABUSE MATERIAL, TERRORISM, RACISM, XENOPHOBIA, TERRORIST CONTENT, RACIST CONTENT, XENOPHOBIC CONTENT, BBFC, BRITISH BOARD OF FILM CLASSIFICATION, BBFC CLASSIFICATION GUIDELINES, R18 CONTENT, INCITEMENT OF VIOLENCE, INCITEMENT OF HATRED, PROTECTED CHARACTERISTICS, RESTRICTED MATERIAL, RELEVANT HARMFUL MATERIAL, INTERNET WATCH FOUNDATION, NATIONAL CENTRE FOR MISSING & EXPLOITED CHILDREN, NCMEC, THORN, TECH AGAINST TERRORISM, GLOBAL INTERNET FORUM TO COUNTER TERRORISM, Age Verification, Age Assurance, Advertising, Advertising Restrictions, Parental Control, Content RegulationComment
B.A. B.A. Black Sheep Returns to the Fold
B.A. B.A. Black Sheep Returns to the Fold

British Airways settles data breach group litigation compensation claims, concluding legal and regulatory proceedings following criminal hack

Read More
Nicola CainData Protection Act 2018, GDPR, General Data Protection Regulation, Data Breach, Hack, Data enforcement, Data regulation, Data litigation, Data protection, Lead supervisory authority, ICO, Data controller, Monetary penalty, Administrative fine, Article 83 GDPR, Article 82 GDPR, Compensation, Regulatory Action Policy, TLT & others v Secretary of State for the Home Department & another [2016] EWHC 2217 (QB), Lloyd v Google LLC [2019] EWCA Civ 1599, Data breach costs, Costs, Group litigation, British Airways Data Event Group Litigation, Weaver & others v British Airways plc [2021] EWHC 217 (QB), Weaver & others v British Airways plc [2021] EWHC 520 (QB), Cyber Security, Technical and organisational measures, Article 24 GDPRComment
Deep Impact on Data Protection Impact Assessments
Deep Impact on Data Protection Impact Assessments

Data controllers should revisit their Data Protection Impact Assessments (DPIAs).

Read More
DPIAsNicola CainData protection, Data protection impact assessment, GDPR, Article 35, Law enforcement processing, High risk processing, Data controller, Criminal conviction & offence data, Data Protection Act 2018, Section 64, Biometric data, Systematic public monitoring, Law Enforcement, Law Enforcement Processing, DPIA, Part 3 Data Protection Act 2018