1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar

Less than half of businesses prepared for GDPR

According to new research carried out by the Department for Digital, Culture, Media & Sports, less than half of all UK businesses and charities are aware of the changes to UK data protection law under the EU's General Data Protection Regulation (GDPR) which will come into force on 25 May 2018.
Read more »
Less than half of businesses prepared for GDPR

You’re invited to our interactive workshop – tackling GDPR in the employment context

The introduction of GDPR on 25 May 2018 represents the biggest shake-up of data protection and privacy law in decades. It will radically change how we view and deal with employee personal data. A key change is that employers will effectively no longer rely upon "consent" from employees to process their data, in what is set to be a major change, and will need to have tools in place to meet requests to be forgotten.
Read more »
You’re invited to our interactive workshop – tackling GDPR in the employment context

Surveillance at work

The European Court of Human Rights has found that the covert surveillance of an employee at his or her workplace must be considered to be a considerable intrusion into his or her private life. It entails a recorded and reproducible documentation of a person's conduct at his or her workplace, which he or she, being obliged under the employment contract to perform the work in that place, cannot evade.
Read more »
Surveillance at work

Data protection breaches: vicarious liability for employee’s criminal actions

WM Morrisons Supermarkets plc have been found vicariously liable for a data protection breach after an employee bearing a grudge deliberately published personal details of 100,000 of its employees on the internet.
Read more »
Data protection breaches: vicarious liability for employee’s criminal actions

GDPR: time to start thinking about the new rules coming into force from 2018

The EU's General Data Protection Regulations (GDPR) will apply in the UK from 25 May next year. With increasingly tighter requirements around how employers must maintain and process personal data, and with the number of fines issued for breaches of UK data protection laws on the increase, many employers are already looking to employ permanent staff dedicated to ensure compliance with the new rules.
Read more »
GDPR: time to start thinking about the new rules coming into force from 2018

Insight: UK Employment Law Round-up – June 2016

In this issue we look into the implications of misusing data in the employment context. In particular, we utline recent ICO prosecutions of employees for unlawfully obtaining data. We also look at a decision involving interim relief and an order for the deletion of data.

UK Employment Law Round-up – June 2016In our case law review we also analyse the Advocate General’s view on a ban on wearing a headscarf at work and whether that is discriminatory under the European Directive.

For those concerned about issues involving working time, there is a helpful clarification about injury to feelings awards in the context of Working Time Regulations claims.

There are also some indications of future legislative changes in relation to the National Minimum Wage and increasing the representation of black and minority ethnic workers in the workplace.

Read the full newsletter here.

Insight: UK Employment Law Round-up – June 2016

Data protection: consent and the employment contract

The European Parliament has now passed the new General Data Protection Regulation. This will come into effect in 2018. The Regulation does make some changes to the law currently implemented by the Data Protection Act, which employers need to be aware of. In particular, the Regulation sets out tighter requirements for obtaining consent from employees to processing their personal data.

The current law requires that this consent must be “freely given, informed, and specific”. Under the new Regulation it must also be “explicit”. In addition, it states that where consent is given in a written document which also concerns other matters, it must be presented in a manner which is clearly distinguishable from those other matters.

This will have implications for employers who seek to obtain consent to data processing in the employment contract, as is often the case. Applying the Regulation, this would not be sufficient. This can probably be dealt with by asking staff to sign a separate document consenting to the processing of their data (in the same way that Working Time Regulation opt-outs are usually signed now). Employers will need to be careful of the wording of the consent forms to ensure that consent is freely given. They should also make sure that employees know exactly what they are consenting to.

Data protection: consent and the employment contract

Insight: UK Employment Law Round-up – January 2016

UK Employment Newsletter 3DCover In this edition we will be taking a look at the issues that are likely to be affecting employers in 2016, starting with a round-up of the cases to watch out for which will affect redundancy consultation processes, the extent of whistleblower protections and what might be expected of data controllers when complying with subject access requests. There are, of course, many other cases coming before the appellate courts this year which will shape the ever-changing employment law landscape in 2016.

Read the full newsletter here.

Insight: UK Employment Law Round-up – January 2016

Insight: Vicarious liability and the dangerous repercussions of a rogue employee

Imagine the scenario: you have a disgruntled employee who decides to leak details about your staff on to the internet. You then receive a High Court claim from your staff because of this employee’s action. Can your staff really bring a claim against your business? The company did not leak the data, the employee did.

This is the situation that supermarket chain Morrisons now faces in the High Court, in what we are sure will be a hotly contested case. Andrew Skelton, a senior auditor at Morrisons, was disciplined for using the post room to send out personal packages. On March 14, 2014, Skelton (seemingly in an act of revenge) published online and sent a local newspaper personal data relating to 99,998 Morrisons staff. This information included bank account details and National Insurance numbers. Skelton was jailed for eight years in July 2015 for his actions.

On October 26, 2015, Senior Master Barbara Fontaine at the High Court (Queen’s Bench Division) allowed affected staff to pursue a group claim against Morrisons. At the moment, we understand that nearly 2,000 staff are part of this action but the Senior Master has stayed the proceedings for a four-month period to allow other affected employees to join the claim.

Read the full article here.

Insight: Vicarious liability and the dangerous repercussions of a rogue employee