May 17, 2019
Purposeful and comprehensive data privacy
With GDPR's first anniversary approaching, we analyse the first results of GDPR readiness programmes and explains the importance of a purposeful data privacy approach.
Data Protection
Insights on developments in data protection and privacy, regulatory enforcement trends, court cases and law reform, from PwC UK and PwC Legal.
All articles
May 13, 2019
The Interconnected world - how do you solve a problem like third party risk?
What six steps can you take to emerge as a winner in an interconnected world? Read our latest blog on third party risk.
April 15, 2019
A wise organisation builds its products and services upon the… sand?
In this blog Simon, Shervin and James assess the ICO regulatory sandbox by discussing its upsides and downsides as well as how the regulatory sandbox works
April 12, 2019
Can your third parties be trusted to protect your personal data? What the regulator wants you to demonstrate
The need to monitor third parties in the GDPR live environment is well understood. But how should this work in practice? In this blog post, Victoria Back explores how to give stakeholders comfort that your organisation is taking third party trust seriously.
April 09, 2019
Purposeful Data Privacy – how tech and data professionals can help change the narrative
In this insight we explain the importance of delivering data privacy outcomes in the technology and data layers of business, and sets out PwC’s new vision for data privacy; the Journey to Code.
April 02, 2019
The ICO and the FCA - a Special Relationship in the Data Privacy World
The Information Commissioner's Office ('ICO') and Financial Conduct Authority ('FCA') took one more step to strengthen their collaboration in February by signing a revised Memorandum of Understanding. Read Tughan Thuraisingam and Sara Jameel's blog for a run through of the key points and practical implications of the growing relationship between these regulators.
March 19, 2019
Can your third parties be trusted to protect your personal data? Monitoring your supply chain
Trust in your supply chain is paramount to increasing stakeholder confidence in your organisation's compliance with the GDPR. In this blog post, Victoria Back explores the journey to third party trust and continuous compliance.
March 19, 2019
What about Non-Personal Data? The new EU Regulation at a glance
In this blog post, Dr Davide Borelli and Timothy Neo discuss how the Non-Personal Data Regulation and the GDPR impact compliance obligations concerning non-personal data and where businesses could benefit by refraining from an inextricable linkage between personal data and non-personal data.
February 27, 2019
Unlawful Disclosure of Personal Data: Who Carries the Burden of Proof Now?
In this post, James Lloyd and Simon Davis examine the Court of Appeal's guidance on Section 170 of the Data Protection Act 2018 in Shepherd v Information Commissioner [2019] EWCA Crim 2.
February 25, 2019
After the breach: counting the (regulatory) cost
In this blog post, Andrea Holder and Lewis Brady look at the factors the Information Commissioner's Office (the “ICO”) may consider when levying a fine, and therefore what steps organisations should take to mitigate these considerations.
February 07, 2019
Data Protection , Cyber Crime & Modern Business
Cyber crime remains a key issue for businesses worldwide. In this blog Richard Hall looks at how far we have come since the Council of Europe Convention on Cyber Crime in Budapest and the next steps to dealing with cyber-crime and data protection.
January 29, 2019
The free flow of data between the EU and Japan
In this blog post, Dr Davide Borelli examines the adequacy that EU and Japan reciprocally recognised of each other's data privacy systems on January 23, 2019, allowing personal data to freely flow between the two economies while guaranteeing a consistent and strong level of data protection.
January 24, 2019
Artificial Intelligence (AI) and the GDPR– Part Two
In Part Two of our blog series on Artificial Intelligence, Emily Sheen and Ningxin Xie discuss some of the main requirements of businesses who utilise artificial intelligence in practice, and look at the key trends that are being discussed around the use of AI technologies.
January 18, 2019
Threats posed to Personal Data by Social Engineering
The advent of the GDPR means that organisations will need to make increased efforts to deal with specific threats and this includes those posed by social engineering attacks. In this blog post, Richard Hall explores the different types of social engineering attacks and what you can do to assist in reducing those risks as part of your compliance efforts.
January 16, 2019
No deal Brexit and the impact on cross-border data flows
In this blog post, Polly Ralph and Olivia Wint discuss contingency planning to maintain EU - UK data flows in the context of a no deal brexit scenario.
January 08, 2019
Individuals responsible for PECR breaches could face fines
By Simon Davis, Senior Associate. PECR (Amendment) Regulations 2018 came into effect in the UK on 17 December 2018. Simon Davis discusses what this means for organisations and for individuals of influence within these.
January 07, 2019
Artificial Intelligence (AI) and the GDPR - Part one
In this blog post, Emily Sheen and Ningxin Xie outline some of the key considerations which organisations should be taking into account when developing and/or deploying AI technologies, especially if these technologies carry out automated decision-making services that fall under the scope of the GDPR, to maintain public trust in a product or service.
December 12, 2018
What should I do if I discover a personal data breach?
When an organisation discovers a personal data breach it is hard not to catastrophize. It is well known and understood that the GDPR has introduced a mandatory breach reporting requirement in many circumstances, and with reporting comes regulatory, and often, public scrutiny.
November 23, 2018
GDPR … what’s all the liability about?
For most organisations acting as data processors, the GDPR's potential 4% fine of global group turnover fundamentally changed the risk profile of their commercial relationships with clients, customers or suppliers, causing them to be increasingly resistant to accepting uncapped and unlimited liability for losses. Sarim Shaikh discusses the issues that are often overlooked by organisations when negotiating these liability provisions.
November 16, 2018
GDPR - A new dawn for data protection or just a moment in time?
ePrivacy, enforcement and a new breed of privacy advocate. Samantha Sayers looks into the current and future privacy landscape, several months into the GDPR.
