Financial Conduct Authority

Guilty Until Proven Innocent – Financial Services Update

Posted · Add Comment

The latest development in the ongoing plans to implement the Senior Person’s Regime for Financial Services is that the Treasury has made a U-turn on its proposal to impose a ‘guilty until proven innocent’ approach. The so-called “reverse burden of proof” would have demanded senior bankers proved they were unaware of any wrongdoing at their […]

Ding dong, Safe Harbor is (effectively) dead…

Posted · Add Comment

As expected, the Court of Justice of the European Union (“CJEU“) has declared EU-US Safe Harbor protocol to be invalid. The implications of this judgment are potentially wide-ranging and still being digested, and the precise parameters of the impact is expected to become clearer as additional guidance is provided by EU regulators.  Initial responses from […]

Russian Regulator publishes Data Localisation clarifications: one month to go…

Posted · Add Comment

The long requested guidance to interpreting the Russian Data Localisation laws have now been released by the Ministry of Communications, just one month before the new law comes into force, which requires that organisations that collect personal data from individuals in Russia store that data within Russian territory. The guidance is non-binding, but these are […]

EU Data Privacy Reform Update: Make Mine A Skinny To Go…

Posted · Add Comment

“…simplicity and flexibility are key…” if the new EU Regulation is to work as a long term framework for the protection of privacy rights, according to the European Data Protection Supervisor (EDPS). The EDPS strongly advocates a simple and clear text to enable controllers to easily understand their obligations, and its’ proposed text is 30% […]

EU General Data Protection Regulation: one small step for privacy, or a giant leap?

Posted · Add Comment

In our blog post of 16 January 2015 HireRight reported on the progress of the EU data privacy reforms.  Excitingly, the Council of the European Union (“Council”) met their self-declared deadline of agreeing a general approach on the General Data Protection Regulation (“Regulation”) and announced on 15 June 2015 that “we have moved a great […]