Monthly Archives: October 2020

Palladian Partners LP & Ors v The Republic of Argentina & Anor – Tilting the Balance to Fraud

Background The underlying dispute relates to securities issued by the Republic of Argentina (the Defendant) and held by the Claimants as part of a debt restructuring. Annual payments are due under the securities subject to certain pre-conditions being met. The …

Posted in Longer Reads | Tagged | Leave a comment

Coronavirus update: Job Support Scheme

The Job Support Scheme (Open for Business) The Job Support Scheme (Open) should be used when a business can open safely and has not been forced to close. At its core, from 1 November 2020 the government will contribute to …

Posted in Shorter Reads | Leave a comment

Coronavirus bulletin: Shielding Revisited

This guidance aims to be less restrictive and strike a careful balance between the psychological impact of measures to protect the extremely clinically vulnerable and the physical health risks of the virus. People in this category are being advised to …

Posted in Shorter Reads | Leave a comment

What the FCA’s business interruption case means for your business

In June 2020, the Financial Conduct Authority initiated a claim against eight defendant insurers, seeking to answer the question of whether business interruption losses caused by the Covid-19 pandemic are covered under certain insurance policies. The regulator adopted an impressive …

Posted in Longer Reads | Tagged , , , | Leave a comment

Test-and-trace data sharing: a healthy lesson for private-sector businesses on the importance of transparency

The BBC reported this week that the UK Department of Health and Social Care could share contact-tracing information with police in England, given there is a legal requirement to isolate after a positive test. The news of this practice quickly prompted a flurry of concerned commentary from public health officials and privacy campaigners, with the British Medical Association warning that police involvement could be counterproductive, insofar as it could deter individuals from testing for COVID-19.Though this news concerns the public sector, the public reaction to it serves as a useful reminder of the importance of transparency to private-sector organisations who process personal data. If you collect individuals’ personal data and share that data with third parties, even if only occasionally, the GDPR requires that you give clear information about these data sharing practices to those individuals at the time when you collect their personal data. This should ideally be communicated via your privacy notice, which must state the recipients of the shared personal data.Provided your lawful basis for processing the shared personal data is not consent, it is possible for only ‘categories of recipients’ to identified rather than named, individual recipients, but if you opt to take this less specific approach, you will need to be able to demonstrate why it is fair to do so and endeavour to be as specific as possible about the type of recipient (such as what industry or sector it belongs to) and its location. If, however, you are relying on consent as your lawful basis, then your privacy notice should specifically identify the recipients of the personal data, especially if they are third-party independent or joint controllers. Otherwise, there is a risk that the GDPR’s requirement for the consent to be specific will not be met.As this news story illustrates, the more upfront with individuals you are at the outset about the way you handle their personal data, the more confidence they will have in your organisation. It is more difficult to gain back trust once lost than it is to lose it in the first place.

Posted in Shorter Reads | Leave a comment

Good(ish) news for BA

In July 2019 the Information Commissioners Office announced an intention to fine BA £183M for infringements of the GDPR. Around 400,000 users of the BA website had been diverted to a fraudulent site where the customers’ login, payment and travel details were harvested. The breach was not discovered until 2 months later. The ICO considered that BA’s security measures were inadequate and proposed the largest ever fine, albeit well below the maximum fine that could have been imposed. It not only reflected the seriousness of the specific breach but sent a message to large corporates that, unless they paid close attention to data privacy, they could expect very tough enforcement measures for breaches.Since then, BA has taken steps to improve the security of the data obtained via its website and has cooperated with the ICO, while challenging the size of the proposed fine.The ICO has today announced that the fine actually imposed is £20M. This is obviously a very welcome reduction in BA’s liability at a time when its business has been decimated by the coronavirus. It also reflects the benefit of swift action to remedy a breach (so far as possible) and close cooperation with the ICO. Nevertheless, it is still the largest fine confirmed by the ICO, reinforcing the fundamental importance of GDPR compliance.  

Posted in Shorter Reads | Leave a comment

End of Furlough – what happens next?

The Job Support Scheme The Job Support Scheme starts on 1 November 2020, immediately after the furlough scheme ends. The government will step in to partially top up pay for workers who are not needed to work their full contracted …

Posted in Shorter Reads | Tagged , , , | Leave a comment

Top 5 tips for successful Private Equity investment

Posted in Videos | Tagged , , , , | Leave a comment