The UK ICO’s last-minute revisions to its official guidance on the cookie laws focused on the possibility of “implied consent” for the use of cookies. This softening of the ICO’s position was sensible, notwithstanding that the whole cookie law saga brings EU tech law into disrepute. There was, however, another option open to the ICO. […]
Data Protection Law Archives - Page 2 of 2 - SEQ Legal
10 things you should know about … email marketing
This article highlights some of the key features of the law governing the use of email for marketing purposes. It considers only the position under English law. Although much of the UK legislation relating to email marketing is EU-inspired, the laws across the EU are not properly harmonized. The position under US law is also […]
The effects of the new cookies laws
On 26 May 2011, the rules about the use of cookies and similar technologies were changed. The change was prompted by amendments to the EU’s Privacy and Electronic Communications Directive. Although several weeks have passed since the change, few websites comply with the new law, and confusing guidance from the UK and EU data protection […]
What is personal data?
Personal data has no easy, clear-cut legal definition. The definition set out in the Data Protection Act 1998, enacted following European legislation in the form of Directive 95/46/EC, leaves businesses and their advisers dealing with a significant amount of uncertainty. “Personal data” are defined in the 1998 Act as: … data which relate to a […]
Websites, data protection and children
The first principle of data protection law is that personal data must be processed fairly and lawfully, and that one or more specified conditions must be met. Perhaps the most important of those conditions affecting the collection and use of personal data via websites is: “The data subject has given his consent to the processing” […]
International transfers of personal data
Website operators commonly transfer the personal data of their users overseas. However, the UK’s Data Protection Act 1998 expressly restricts certain transfers of personal data outside the European Economic Area : “Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate […]
A very brief introduction to data protection
The centrepiece of UK data protection law is the Data Protection Act 1998 (the “DPA”). This legislation was enacted pursuant to a European Directive. Data protection law governs the “processing” of “personal data”. “Processing” is defined in the Act to mean: “… obtaining, recording or holding the information or data or carrying out any operation […]