ICO releases guidance for mandatory collection of track and trace data

Following the UK Government’s tightening of track and trace measures last week, it is now mandatory for various organisations, including public authorities, to collect contact information for those visiting their establishments such as hotels, cafes, community centres or local libraries. These records can be called upon by contact tracing schemes such as the NHS Track…

Continue reading

Police use of Facial Recognition Technology found to be Unlawful

The Court of Appeal in the case of R (Bridges) -v- Chief Constable of South Wales Police and Others [2020] EWCA Civ 1058 overturned the High Court’s decision and found the use of facial recognition technology in this circumstance was unlawful. The Court of Appeal determined that the use of facial recognition technology being used…

Continue reading

What to do when things go wrong with your ERP implementation

Dos Know your contract! Firstly, familiarise yourself with your contract. The provisions have been carefully drafted and are there to be used. There is no substitute for reading the contract and no need to shy away from the contract for fear of ‘going contractual’: the contract provides the parties with a structure under which you can address…

Continue reading

Data protection considerations in Cloud-based ERP systems

In Part 5 of our six-part series on cloud-based ERP Projects, our specialist team of lawyers look at the key data protection considerations for a cloud-based ERP system. The procurement of Enterprise Resource Planning (ERP) systems is often a high priority and intensive task given the nature of the system and its strategic importance to…

Continue reading

Schrems II: EU-US Privacy Shield is invalid

On 16 July, the EU Court of Justice handed down its much anticipated ruling in Data Protection Commissioner v Facebook Ireland Limited, Maximillian Schrems (Case C-311/1) – otherwise known as “Schrems II”. The ruling represents a significant milestone for EU and US data transfers. Under the GDPR, the transfer of personal data to a country outside…

Continue reading