Data Privacy Day 2020...are you ready?

At Knights plc, we advise businesses across a range of sectors and industries on all aspects of data protection compliance. You may have seen our series of articles which we have published over the last 12 months covering various data protection issues, starting with our introductory article headlined ‘What’s hot in GDPR right now…?’

As we approach Data Privacy Day (an international event which is taking place on 28 January 2020), it seems fitting to reflect on some of the themes that have emerged and the issues faced by our clients since the introduction of the GDPR. Since the implementation of the new law in May 2018, we have seen organisations across the nation (and indeed across the globe) grapple with the new European law in a bid to stay on the right side of compliance. In particular, we have noted the following:

1. An influx of data subject access requests. Individuals have the right to access their personal data, and it seems that the abolition of the ￡10 fee payable under the previous legislation, combined with the publicity that the GDPR has attracted, has encouraged more individuals to exercise these rights. Subject access requests often accompany contentious circumstances and shadow claims or complaints from disgruntled employees or customers. We have also seen a general heightened awareness of the concept of data protection and there is an increased public expectation on organisations to handle personal data with care.
2. ICO enforcement action. The Information Commissioner’s Office (ICO) have started to take enforcement action under the new regulations, largely in respect of security breaches, unlawful marketing and failure to respond to subject access requests. The ICO can now issue financial penalties of up to 20 million euros, or 4% of global annual turnover (whichever is higher).
3. Personal data breaches. Organisations are becoming more aware of how to prevent, prepare for and respond to personal data breaches. This includes providing staff training, implementation of policies and cyber-security measures and engagement with the ICO in the mandatory self-reporting process.
4. Technology. We are increasingly asked to advise on the data protection issues stemming from the use of technology such as CCTV, Artificial Intelligence, ‘ad-tech’ and cookies.

Keep an eye out for our upcoming articles ahead of Data Privacy Day, in which we will explore some of the above themes in greater detail.

In the meantime, if you would like to discuss further or enquire about advice on any data protection issue, please call one of the Knights plc Data Protection Team whose details can be found here:

Knights plc | Data Protection Team