Eoin P. Campbell is an honours law graduate (LL.B) from Queen's University Belfast and is a qualified solicitor. Eoin has moved from practicing law to teaching. Eoin is currently lecturing in law at two universities in Lyon, France, including a master's degree course in cyberlaw. Eoin provides commentary with a legal perspective on cybersecurity and data protection. He is an expert on data privacy and GDPR. You can contact Eoin via LinkedIn https://www.linkedin.com/in/eoin-campbell-6b427954/
Let us imagine the following scenario: In an effort to improve data security and conform with GDPR requirements, a small to medium sized business decides to implement a new policy of password protection; new passwords are to be issued to each employee on a weekly...
Given that more than a year has passed since the European Union’s General Data Protection Regulation (GDPR) was implemented, on the 25th May 2018 to be precise, most businesses are aware that they have a legal obligation to protect any ‘personal data’ which they...
Commonly recognised as the toughest privacy and security law on the planet, the European Union’s General Data Protection Regulation (or GDPR), imposes legal obligations on companies and organizations anywhere, so long as they handle data related to people situated in,...
On May 25th, 2018, the European Union’s General Data Protection Regulation (GDPR) replaced the Data Protection Directive of 1995. Unlike the previous legislation, the GDPR affects businesses and organisations which are based outside of the EU. The simple fact that all...
The GDPR was approved by the Parliament of the European Union on the 14th April 2016 and has been in force since the 25th May 2018. Organisations that are not compliant can now face heavy fines. Suffice to say, significant changes to the way businesses and companies...
The General Data Protection Regulation applies to any data controller and processor who deals with the data of EU citizens or residents, whether the data handler is based within the European Union or not. In addition to ensuring that they meet general compliance...
The General Data Protection Regulation came into effect throughout the member states of the European Union on the 25th May 2018. As you are no doubt already well aware, the GDPR is, in simple terms, a new framework of conditions aimed at giving citizens of the...
The Federal Trade Commission (FTC) has a Health Breach Notification Rule, similar to the Breach Notification Rule of the Health Insurance Portability and Accountability Act (HIPAA). The FTC has recently released a Policy Statement confirming digital health app and...
Some have called it the “new normal”. Others speak of the “Post-Covid world.” More positive and hopeful voices tell us that the Covid-19 pandemic, while painful, is but a temporary hiccup in the history of humanity. Whatever the truth of the matter it is clear that...
Two court rulings made in July 2020 may prove to be among the most important legal precedents that American tech companies will ever have had to come to grips with. What is particularly interesting about these two decisions is that they were not made by the Supreme...
In a statement released on the 29th of June 2020, TikTok, the Chinese video-sharing social networking service owned by ByteDance, announced its decision to move the responsibility for safeguarding the privacy of its European users to its Irish and UK entities. ...
Implemented on the 25th of May 2018, Europe’s General Data Protection Regulation (GDPR), has now entered the terrible twos. Birthdays are an occasion to take stock, and this anniversary is particularly interesting from an American perspective. For those who need...
Fresh Data Breach Heartbreak for Marriott Hotel Group In December 2018, Marriott International disclosed a breach which had impacted some 383 million guest records. Industry specialists at the time viewed the data failure as a key example of the risks inherent in...
Virgin Media Ltd, which provides television, telephone and internet services throughout the United Kingdom may have to fork out up to £4,500,000,000 (roughly $5.5 billion) after a data security breach in which personal information belonging to its customers was...
Privacy Authority to impose $8 Million Penalty Google has announced that it intends to appeal the recent General Data Protection Regulation fine, its second, levied by Sweden’s Data Protection Authority against the internet giant. A fine of 75 million kroner...
The UK’s Information Commissioner’s Office, or ICO, has imposed a fine of £500,000 ($603,750) on Cathay Pacific Airways for its failure to adequately protect the personal data of customers. The half-million pounds fine is in fact the maximum possible under the...
Various industry specialists, including Adobe Analytics, have reported that increasing consumer concern, and indeed shop closures, following the worldwide COVID-19 outbreak is already influencing our online shopping behaviour in a significant manner. While traditional...
The Haga Hospital in the Hague has become the first Dutch body to be fined for violation of Europe’s new privacy law, the General Data Protection Regulation (GDPR). NU.nl has reported that a fine of €460,000 is being imposed on the Hospital for failing to...
It has been a long journey, but what may prove to be a crucial data privacy case from Ireland has finally made its way to Luxembourg’s Court of Justice of the European Union (CJEU). On Tuesday the court heard arguments in what has become referred to as the...
According to a story first reported by the Irish Times on the 23rd of July 2019, it appears that the reach of the General Data Protection Regulation may extend to a form of record keeping that few would have envisaged as relevant when the regulation was first drafted:...
In January 2019 the French Data Protection Authority (the CNIL), hit Google LLC with a record €50m fine for failing to comply with the EU’s General Data Protection Regulation (GDPR). A decision made on the 28th May 2019 which imposes a €400,000 fine on SERGIC, a...
The UK Information Commissioner’s Office (ICO) has announced that it intends to fine British Airways for a recent infringement of the General Data Protection Regulation (GDPR). The security breach occurred when British Airways customers were directed away from...
Today marks the first anniversary of the introduction of the European Union’s General Data Protection Regulation (GDPR). As the solitary candle of the birthday cake is being blown out, we can take a moment to reflect upon what has undoubtedly been an eventful...
Italy’s first GDPR fine has been issued by the Garante, the Italian Data Protection Authority. Action was taken due to the failure to implement privacy security measures in the aftermath of a data breach on the “Rousseau” platform. The platform operates the...
