The First-Tier Tribunal and the anonymisation of clinical trial data: a reasoned expression of Englishness…. which would have to be abandoned with the GDPR?

Posted on September 19, 2016 by Sophie Stalla-Bourdillon • 1 Comment

The Queen Mary University of London v (1) The Information Commissioner and (2) Alem Matthees, EA/2015/0269 case decided by the First-Tier Tribunal (Information Rights) (FTT(IR)) on 12 August 2016 is a fascinating decision. [Could it be a stylish expression of Englishness…. or otherness?] The case-facts concern a freedom of information request for clinical trial patient data … Continue reading →

anonymisation / big data / Data protection / General Data Protection Regulation / Geo-location data / Personal data / Privacy / Privacy impact assessment / pseudonymisation

Location Data and Making Sense of the Goldilocks Paradox of Legal Anonymisation (too much, too little or just right…?)

Posted on May 24, 2016 by Alison Knight • Leave a comment

Collect, delete, repeat …. From ‘Where I am’ to ‘Who I am’, and back again? To pick up the thread from my previous posts on the topic of location data here and here, this final piece in the set returns to the first theme I discussed. This relates to the legal debate over when location … Continue reading →

consent / Data protection / General Data Protection Regulation / Geo-location data / Personal data

Geo-Location Data Processing and Meaningful Consent – A Comparison of Latest Data Protection Guidance

Posted on May 20, 2016 by Alison Knight • Leave a comment

Of ‘Mice and Men’ to ‘Maps and Machines’ – “Whatever in creation exists without my knowledge exists without my consent.” Further to my post in March, the purpose of this sequel post is to continue considering two guidelines published by European regulators regarding the processing of geolocation data. I continue to delve into the cloudy legal … Continue reading →

Data protection / Geo-location data / Personal data

Latest Policy Guidance Published on Data Protection and Location Analytics Data

Posted on March 11, 2016 by Alison Knight • 1 Comment

‘We Know Where You Are’ to ‘We Know Who You Are’ … How far are the risks involved with processing information collected from geo-location technologies alleviated by data protection rules? With the wide uptake of smart mobile devices and the rapid development of location-based apps and services, all kinds of geographic information about us are … Continue reading →

Access to data / Breach notification / Data protection / Data retention / General Data Protection Regulation / Law enforcement / Personal data / Privacy / Privacy impact assessment / Surveillance

Article 29 WP and the draft directive on the processing of personal data by law enforcement agencies: has Article 29 WP been heard?

Posted on January 14, 2016 by Sophie Stalla-Bourdillon • 3 Comments

Last month, the Permanent Representatives Committee (Coreper) of the Council of the EU the compromise texts agreed with the European Parliament on data protection reform. As a reminder, the reform is a legislative package concerning two legislative instruments: the second of which discussed here (and far less catching the press headlines than the General Data … Continue reading →

Intelligence and security agencies / interception / Personal data / Surveillance / terrorism

Bulk Personal Datasets and the ‘Spectre’ of Pervasive Surveillance Concerns Back in the Spotlight with the Investigatory Powers Bill

Posted on December 18, 2015 by Alison Knight • 2 Comments

Are proposals to introduce oversights over state powers to obtain, analyse, and retain mass sets of personal details sufficient to alleviate concerns where they include data about individuals unconnected to investigations? Much has been written about the UK government’s proposed new Investigatory Powers Bill (IPB) since it was published for consultation by the Home Office, … Continue reading →

anonymisation / big data / Data protection / General Data Protection Regulation / Personal data / pseudonymisation / research / sensitive data

What does the agreed version of the GDPR say about processing personal data for research purposes? Is the GDPR better than the Directive?

Posted on December 18, 2015 by Sophie Stalla-Bourdillon • 2 Comments

What does the agreed version of the GDPR say about processing personal data for research purposes? Is the GDPD better than the Directive? So here we are. It’s almost Christmas and after three years of intense debate the Council of the European Union and the European Parliament have announced that they have informally agreed on … Continue reading →

Access to data / content data / Data protection / Data retention / deep packet inspection / ISPs / Law enforcement / metadata / Personal data / Privacy / Surveillance

The Draft IP Bill and data retention obligations: on the irony of the invalidation of the Data Retention Directive

Posted on November 17, 2015 by Sophie Stalla-Bourdillon • 3 Comments

The Draft Investigatory Powers (IP) Bill was published on the 4th of November. It aims to “govern the use and oversight of investigatory powers by law enforcement and the security and intelligence agencies” in the UK. It is an attempt both to simplify the legal framework and legalise practices, which means it is, in part, … Continue reading →

Data protection / ICO / metadata / Personal data

ICO issues guidance on when and how to remove personal data “safely” from disclosable information to avoid breaching data protection rules

Posted on November 2, 2015 by Alison Knight • 1 Comment

To be identifiable or not to be identifiable – to what extent do our identities merit concealment through law in light of the capabilities of modern technologies? The UK Information Commissioner’s Office (ICO) has recently published guidance on what to do when handling requests for information in respect of which personal data must first be … Continue reading →

anonymisation / General Data Protection Regulation / Personal data

A German view of the Council’s proposed General Data Protection Regulation: let’s try one more time… by the way what do we do with Browser-Generated Information?

Posted on September 16, 2015 by Sophie Stalla-Bourdillon • 1 Comment

The Council of the European Union released its version of the Proposed Regulation of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation or ‘GDPR’) on 11 June 2015, as mentioned by … Continue reading →

%d bloggers like this:

Peep Beep!

Peep Beep! (the clock that rings when they peep in!) is a blog dedicated to privacy and information law. #law #privacy #dataprotection #AI #informationsecurity. Interested in contributing? Email peepbeepteam at gmail dot com.

Category Archives: Personal data

Location Data and Making Sense of the Goldilocks Paradox of Legal Anonymisation (too much, too little or just right…?)

Like this:

Latest Policy Guidance Published on Data Protection and Location Analytics Data

Like this:

Article 29 WP and the draft directive on the processing of personal data by law enforcement agencies: has Article 29 WP been heard?

Like this:

Bulk Personal Datasets and the ‘Spectre’ of Pervasive Surveillance Concerns Back in the Spotlight with the Investigatory Powers Bill

Like this:

The Draft IP Bill and data retention obligations: on the irony of the invalidation of the Data Retention Directive

Like this:

ICO issues guidance on when and how to remove personal data “safely” from disclosable information to avoid breaching data protection rules

Like this:

A German view of the Council’s proposed General Data Protection Regulation: let’s try one more time… by the way what do we do with Browser-Generated Information?

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this: