Tim Hickman

Tim Hickman

White & Case LLP

Contact

Readers' Choice Awards

Data Privacy
View Bio
RSS

Latest Posts › Personally Identifiable Information

Share:

UK ICO fines BA £20m for data breach

In a remarkable decision, the UK ICO has issued British Airways ("BA") with a £20m fine, in connection with a data breach affecting more than 400,000 customers. This is a significant reduction from the £183m the ICO had...more

10/29/2020  /  British Airways , Civil Monetary Penalty , Data Breach , Enforcement Actions , Fines , General Data Protection Regulation (GDPR) , Hackers , Personally Identifiable Information , Popular , UK ICO

UK Supreme Court – Employers not liable for data breaches caused by rogue employees

In a decision that will come as a relief to many businesses, the UK Supreme Court has unanimously held that companies should not be held vicariously liable for the actions of rogue employees who leak personal data....more

4/3/2020  /  Appeals , Data Breach , Employee Misconduct , Personally Identifiable Information , UK , UK Data Protection Act , UK Supreme Court , Vicarious Liability

COVID-19 and Data Protection Compliance

Following the outbreak of COVID-19 and its development into a global pandemic, organisations have been implementing exceptional measures to safeguard employees, customers and others against the health threat that is being...more

3/28/2020  /  Coronavirus/COVID-19 , Data Protection , Data Protection Impact Assessments (DPIAs) , Data Security , EU , General Data Protection Regulation (GDPR) , Personal Information , Personally Identifiable Information , Privacy Notice Rule , Public Health Emergency , Sick Employees , UK , UK Data Protection Act , Virus Testing

GDPR Guide to National Implementation: Malta - A practical guide to national GDPR compliance requirements across the EEA

Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? New legislation has been passed....more

1/23/2020  /  Compliance , Data Processors , Data Protection , Data Protection Authority , Data Protection Impact Assessments (DPIAs) , Data Protection Officers (DPOs) , Data Subjects Rights , Decedent Protection , Employee Privacy Rights , Enforcement Actions , EU , EU Data Protection Laws , European Economic Area (EEA) , Exemptions , Fines , Freedom of Expression , Freedom of Information , General Data Protection Regulation (GDPR) , International Data Transfers , International Harmonization , Joint Control , Malta , Minor Children , National Identification Numbers , Nonprofits , Penalties , Personally Identifiable Information , Prior Authorization , Prior Express Consent , Public Interest , Regulatory Standards , Sanctions

GDPR Guide to National Implementation: Netherlands - A practical guide to national GDPR compliance requirements across the EEA

Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? New legislation has been passed....more

1/21/2020  /  Compliance , Data Processors , Data Protection , Data Protection Authority , Data Protection Impact Assessments (DPIAs) , Data Protection Officers (DPOs) , Data Subjects Rights , Decedent Protection , Employee Privacy Rights , Enforcement Actions , EU , EU Data Protection Laws , European Economic Area (EEA) , Exemptions , Fines , Freedom of Expression , Freedom of Information , General Data Protection Regulation (GDPR) , International Data Transfers , International Harmonization , Joint Control , Minor Children , National Identification Numbers , Netherlands , Nonprofits , Penalties , Personally Identifiable Information , Prior Authorization , Prior Express Consent , Public Interest , Regulatory Standards , Sanctions

GDPR Guide to National Implementation: Norway - A practical guide to national GDPR compliance requirements across the EEA

Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? New legislation has been passed....more

1/18/2020  /  Compliance , Data Processors , Data Protection , Data Protection Authority , Data Protection Impact Assessments (DPIAs) , Data Protection Officers (DPOs) , Data Subjects Rights , Decedent Protection , Employee Privacy Rights , Enforcement Actions , EU , EU Data Protection Laws , European Economic Area (EEA) , Exemptions , Fines , Freedom of Expression , Freedom of Information , General Data Protection Regulation (GDPR) , International Data Transfers , International Harmonization , Joint Control , Minor Children , National Identification Numbers , Nonprofits , Norway , Penalties , Personally Identifiable Information , Prior Authorization , Prior Express Consent , Public Interest , Regulatory Standards , Sanctions

GDPR Guide to National Implementation: Poland - A practical guide to national GDPR compliance requirements across the EEA

Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? New legislation has been passed replacing the main pre-GDPR legislation...more

1/17/2020  /  Compliance , Data Processors , Data Protection , Data Protection Authority , Data Protection Impact Assessments (DPIAs) , Data Protection Officers (DPOs) , Data Subjects Rights , Decedent Protection , Employee Privacy Rights , Enforcement Actions , EU , EU Data Protection Laws , European Economic Area (EEA) , Exemptions , Fines , Freedom of Expression , Freedom of Information , General Data Protection Regulation (GDPR) , International Data Transfers , International Harmonization , Joint Control , Minor Children , National Identification Numbers , Nonprofits , Penalties , Personally Identifiable Information , Poland , Prior Authorization , Prior Express Consent , Public Interest , Regulatory Standards , Sanctions

GDPR Guide to National Implementation: Portugal - A practical guide to national GDPR compliance requirements across the EEA

Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? New legislation has been passed....more

1/14/2020  /  Compliance , Data Processors , Data Protection , Data Protection Authority , Data Protection Impact Assessments (DPIAs) , Data Protection Officers (DPOs) , Data Subjects Rights , Decedent Protection , Employee Privacy Rights , Enforcement Actions , EU , EU Data Protection Laws , European Economic Area (EEA) , Exemptions , Fines , Freedom of Expression , Freedom of Information , General Data Protection Regulation (GDPR) , International Data Transfers , International Harmonization , Joint Control , Minor Children , National Identification Numbers , Nonprofits , Penalties , Personally Identifiable Information , Portugal , Prior Authorization , Prior Express Consent , Public Interest , Regulatory Standards , Sanctions

GDPR Guide to National Implementation: Romania - A practical guide to national GDPR compliance requirements across the EEA

Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? Old legislation has been updated in addition to new legislation being...more

1/13/2020  /  Compliance , Data Processors , Data Protection , Data Protection Authority , Data Protection Impact Assessments (DPIAs) , Data Protection Officers (DPOs) , Data Subjects Rights , Decedent Protection , Employee Privacy Rights , Enforcement Actions , EU , EU Data Protection Laws , European Economic Area (EEA) , Exemptions , Fines , Freedom of Expression , Freedom of Information , General Data Protection Regulation (GDPR) , International Data Transfers , International Harmonization , Joint Control , Minor Children , National Identification Numbers , Nonprofits , Penalties , Personally Identifiable Information , Prior Authorization , Prior Express Consent , Public Interest , Regulatory Standards , Romania , Sanctions

GDPR Guide to National Implementation: Slovakia - A practical guide to national GDPR compliance requirements across the EEA

Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? New legislation has been passed....more

1/11/2020  /  Compliance , Data Processors , Data Protection , Data Protection Authority , Data Protection Impact Assessments (DPIAs) , Data Protection Officers (DPOs) , Data Subjects Rights , Decedent Protection , Employee Privacy Rights , Enforcement Actions , EU , EU Data Protection Laws , European Economic Area (EEA) , Exemptions , Fines , Freedom of Expression , Freedom of Information , General Data Protection Regulation (GDPR) , International Data Transfers , International Harmonization , Joint Control , Minor Children , National Identification Numbers , Nonprofits , Penalties , Personally Identifiable Information , Prior Authorization , Prior Express Consent , Public Interest , Regulatory Standards , Sanctions , Slovakia

GDPR Guide to National Implementation: Slovenia - A practical guide to national GDPR compliance requirements across the EEA

Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? Slovenia is in the process of adopting new legislation (the “Draft Law”)....more

1/10/2020  /  Compliance , Data Processors , Data Protection , Data Protection Authority , Data Protection Impact Assessments (DPIAs) , Data Protection Officers (DPOs) , Data Subjects Rights , Decedent Protection , Employee Privacy Rights , Enforcement Actions , EU , EU Data Protection Laws , European Economic Area (EEA) , Exemptions , Fines , Freedom of Expression , Freedom of Information , General Data Protection Regulation (GDPR) , International Data Transfers , International Harmonization , Joint Control , Minor Children , National Identification Numbers , Nonprofits , Penalties , Personally Identifiable Information , Prior Authorization , Prior Express Consent , Public Interest , Regulatory Standards , Sanctions , Slovenia

GDPR Guide to National Implementation: Spain - A practical guide to national GDPR compliance requirements across the EEA

Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? New legislation has been passed....more

1/9/2020  /  Compliance , Data Processors , Data Protection , Data Protection Authority , Data Protection Impact Assessments (DPIAs) , Data Protection Officers (DPOs) , Data Subjects Rights , Decedent Protection , Employee Privacy Rights , Enforcement Actions , EU , EU Data Protection Laws , European Economic Area (EEA) , Exemptions , Fines , Freedom of Expression , Freedom of Information , General Data Protection Regulation (GDPR) , International Data Transfers , International Harmonization , Joint Control , Minor Children , National Identification Numbers , Nonprofits , Penalties , Personally Identifiable Information , Prior Authorization , Prior Express Consent , Public Interest , Regulatory Standards , Sanctions , Spain

GDPR Guide to National Implementation: Sweden - A practical guide to national GDPR compliance requirements across the EEA

Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? The main national pre-GDPR act on data privacy has been revoked, whereas...more

1/8/2020  /  Compliance , Data Processors , Data Protection , Data Protection Authority , Data Protection Impact Assessments (DPIAs) , Data Protection Officers (DPOs) , Data Subjects Rights , Decedent Protection , Employee Privacy Rights , Enforcement Actions , EU , EU Data Protection Laws , European Economic Area (EEA) , Exemptions , Fines , Freedom of Expression , Freedom of Information , General Data Protection Regulation (GDPR) , International Data Transfers , International Harmonization , Joint Control , Minor Children , National Identification Numbers , Nonprofits , Penalties , Personally Identifiable Information , Prior Authorization , Prior Express Consent , Public Interest , Regulatory Standards , Sanctions , Sweden

GDPR Guide to National Implementation: United Kingdom - A practical guide to national GDPR compliance requirements across the EEA

Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? New legislation has been passed. Brexit Note: The GDPR will apply in...more

1/6/2020  /  Compliance , Data Processors , Data Protection , Data Protection Authority , Data Protection Impact Assessments (DPIAs) , Data Protection Officers (DPOs) , Data Subjects Rights , Decedent Protection , Employee Privacy Rights , Enforcement Actions , EU , EU Data Protection Laws , European Economic Area (EEA) , Exemptions , Fines , Freedom of Expression , Freedom of Information , General Data Protection Regulation (GDPR) , International Data Transfers , International Harmonization , Joint Control , Minor Children , National Identification Numbers , Nonprofits , Penalties , Personally Identifiable Information , Prior Authorization , Prior Express Consent , Public Interest , Regulatory Standards , Sanctions , UK , UK Brexit

GDPR Guide to National Implementation: Glossary - A practical guide to national GDPR compliance requirements across the EEA

Glossary - - Adequacy Decision means a decision by the Commission to designate a third country as an Adequate Jurisdiction. - Adequate Jurisdiction means one of the following jurisdictions that have been designated by the...more

1/3/2020  /  Compliance , Corporate Counsel , Data Protection Authority , Data Protection Officers (DPOs) , EU , EU Data Protection Laws , General Data Protection Regulation (GDPR) , International Data Transfers , Personally Identifiable Information , Popular

GDPR Guide to National Implementation: Luxembourg - A practical guide to national GDPR compliance requirements across the EEA

Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? New legislation has been passed.....more

1/2/2020  /  Compliance , Data Processors , Data Protection , Data Protection Authority , Data Protection Impact Assessments (DPIAs) , Data Protection Officers (DPOs) , Data Subjects Rights , Decedent Protection , Employee Privacy Rights , Enforcement Actions , EU , EU Data Protection Laws , European Economic Area (EEA) , Exemptions , Fines , Freedom of Expression , Freedom of Information , General Data Protection Regulation (GDPR) , International Data Transfers , International Harmonization , Joint Control , Luxembourg , Minor Children , National Identification Numbers , Nonprofits , Penalties , Personally Identifiable Information , Prior Authorization , Prior Express Consent , Public Interest , Regulatory Standards , Sanctions

GDPR Guide to National Implementation: Lithuania - A practical guide to national GDPR compliance requirements across the EEA

Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? Old legislation has been updated....more

12/31/2019  /  Compliance , Data Processors , Data Protection , Data Protection Authority , Data Protection Impact Assessments (DPIAs) , Data Protection Officers (DPOs) , Data Subjects Rights , Decedent Protection , Employee Privacy Rights , Enforcement Actions , EU , EU Data Protection Laws , European Economic Area (EEA) , Exemptions , Fines , Freedom of Expression , Freedom of Information , General Data Protection Regulation (GDPR) , International Data Transfers , International Harmonization , Joint Control , Lithuania , Minor Children , National Identification Numbers , Nonprofits , Penalties , Personally Identifiable Information , Prior Authorization , Prior Express Consent , Public Interest , Regulatory Standards , Sanctions

GDPR Guide to National Implementation: Liechtenstein - A practical guide to national GDPR compliance requirements across the EEA

Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? New legislation has been passed....more

12/30/2019  /  Compliance , Data Processors , Data Protection , Data Protection Authority , Data Protection Impact Assessments (DPIAs) , Data Protection Officers (DPOs) , Data Subjects Rights , Decedent Protection , Employee Privacy Rights , Enforcement Actions , EU , EU Data Protection Laws , European Economic Area (EEA) , Exemptions , Fines , Freedom of Expression , Freedom of Information , General Data Protection Regulation (GDPR) , International Data Transfers , International Harmonization , Joint Control , Liechtenstein , Minor Children , National Identification Numbers , Nonprofits , Penalties , Personally Identifiable Information , Prior Authorization , Prior Express Consent , Public Interest , Regulatory Standards , Sanctions

GDPR Guide to National Implementation: Latvia - A practical guide to national GDPR compliance requirements across the EEA

Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? New legislation has been passed. ——— (b) Relevant legislation...more

12/28/2019  /  Data Processors , Data Protection , Data Protection Authority , Data Protection Impact Assessments (DPIAs) , Data Protection Officers (DPOs) , Data Subjects Rights , Decedent Protection , Employee Privacy Rights , Enforcement Actions , EU , EU Data Protection Laws , European Economic Area (EEA) , Exemptions , Fines , Freedom of Expression , Freedom of Information , General Data Protection Regulation (GDPR) , International Data Transfers , International Harmonization , Joint Control , Latvia , Minor Children , National Identification Numbers , Nonprofits , Penalties , Personally Identifiable Information , Prior Authorization , Prior Express Consent , Public Interest , Regulatory Standards , Sanctions

EU Data Transfer Restrictions – No changes for now

The Court of Justice of the EU ("CJEU") is currently hearing a challenge against the validity of two key mechanisms that businesses use to transfer personal data internationally. In a move that will come as a relief to...more

12/24/2019  /  Advocate General , Binding Corporate Rules , Court of Justice of the European Union (CJEU) , EU-US Privacy Shield , European Economic Area (EEA) , General Data Protection Regulation (GDPR) , International Data Transfers , Personally Identifiable Information , Prohibited Transactions , Safe Harbors , Standard Contractual Clauses

GDPR Guide to National Implementation: Italy - A practical guide to national GDPR compliance requirements across the EEA

Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? Old legislation has been updated....more

12/23/2019  /  Data Processors , Data Protection , Data Protection Authority , Data Protection Impact Assessments (DPIAs) , Data Protection Officers (DPOs) , Data Subjects Rights , Decedent Protection , Employee Privacy Rights , Enforcement Actions , EU , EU Data Protection Laws , European Economic Area (EEA) , Exemptions , Fines , Freedom of Expression , Freedom of Information , General Data Protection Regulation (GDPR) , International Data Transfers , International Harmonization , Italy , Joint Control , Minor Children , National Identification Numbers , Nonprofits , Penalties , Personally Identifiable Information , Prior Authorization , Prior Express Consent , Public Interest , Regulatory Standards , Sanctions

GDPR Guide to National Implementation: Ireland - A practical guide to national GDPR compliance requirements across the EEA

Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? New legislation has been passed....more

12/20/2019  /  Data Processors , Data Protection , Data Protection Authority , Data Protection Impact Assessments (DPIAs) , Data Protection Officers (DPOs) , Data Subjects Rights , Decedent Protection , Employee Privacy Rights , Enforcement Actions , EU , EU Data Protection Laws , European Economic Area (EEA) , Exemptions , Fines , Freedom of Expression , Freedom of Information , General Data Protection Regulation (GDPR) , International Data Transfers , International Harmonization , Ireland , Joint Control , Minor Children , National Identification Numbers , Nonprofits , Penalties , Personally Identifiable Information , Prior Authorization , Prior Express Consent , Public Interest , Regulatory Standards , Sanctions

GDPR Guide to National Implementation: Iceland - A practical guide to national GDPR compliance requirements across the EEA

Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? New legislation has been passed....more

12/18/2019  /  Data Processors , Data Protection , Data Protection Authority , Data Protection Impact Assessments (DPIAs) , Data Protection Officers (DPOs) , Data Subjects Rights , Decedent Protection , Employee Privacy Rights , Enforcement Actions , EU , EU Data Protection Laws , European Economic Area (EEA) , Exemptions , Fines , Freedom of Expression , Freedom of Information , General Data Protection Regulation (GDPR) , Iceland , International Data Transfers , International Harmonization , Joint Control , Minor Children , National Identification Numbers , Nonprofits , Penalties , Personally Identifiable Information , Prior Authorization , Prior Express Consent , Public Interest , Regulatory Standards , Sanctions

GDPR Guide to National Implementation: Hungary - A practical guide to national GDPR compliance requirements across the EEA

Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? Old legislation has been updated....more

12/17/2019  /  Data Processors , Data Protection , Data Protection Authority , Data Protection Impact Assessments (DPIAs) , Data Protection Officers (DPOs) , Data Subjects Rights , Decedent Protection , Employee Privacy Rights , Enforcement Actions , EU , EU Data Protection Laws , European Economic Area (EEA) , Exemptions , Fines , Freedom of Expression , General Data Protection Regulation (GDPR) , Hungary , International Data Transfers , International Harmonization , Joint Control , Minor Children , National Identification Numbers , Nonprofits , Penalties , Personally Identifiable Information , Prior Authorization , Prior Express Consent , Public Interest , Regulatory Standards , Sanctions

GDPR Guide to National Implementation: Greece - A practical guide to national GDPR compliance requirements across the EEA

Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? Greece has implemented the requirements of the GDPR through new...more

12/16/2019  /  Data Protection , Data Protection Authority , Data Protection Impact Assessments (DPIAs) , Data Protection Officers (DPOs) , Data Subjects Rights , Decedent Protection , Employee Privacy Rights , Enforcement Actions , EU , EU Data Protection Laws , European Economic Area (EEA) , Exemptions , Fines , Freedom of Expression , General Data Protection Regulation (GDPR) , Greece , International Data Transfers , International Harmonization , Joint Control , Minor Children , National Identification Numbers , Nonprofits , Penalties , Personally Identifiable Information , Prior Authorization , Prior Express Consent , Public Interest , Regulatory Standards , Sanctions
49 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide