BCL Solicitors LLP BCL Solicitors LLP

Financial, Corporate and General Crime Solicitors

Toggle menu

Skip to content
MENUMENU
  • Home
  • About
  • Services
    • Corporate Crime
    • Financial Crime
    • Regulatory
    • Serious and General Crime
  • People
  • Commendations
  • News & Insights
    • News
    • Insights
    • Legal guides
  • Careers
  • Contact

Data Protection

Data Protection

“They have a reputation for legal excellence which is richly deserved.”

Chambers UK

Whether malicious or inadvertent, internal or external, breaches of data security have the potential to cause extreme disruption to individuals and businesses. As the frequency, severity and public awareness of data incidents has grown, the risks of reputational damage, substantial regulatory penalties and litigation from aggrieved data subjects have increased significantly, pushing business concern over data protection ever higher up in the corporate agenda.

The law relating to data protection is principally contained in the General Data Protection Regulation (“GDPR”) and the Data Protection Act 2018 (“DPA”), whose regulatory and enforcement provisions are overseen by the Office of the Information Commissioner (“ICO”). The GDPR and DPA regulate the control and processing of data by entities such as companies, firms and sole traders established in the UK. The data protection legislation creates a series of rights for individuals and obligations on controllers and processors of data in relation to the handling and treatment of personal data and “special category” personal data. It also controls the transfer of such data overseas, including following MLA requests to the UK authorities by foreign regulators and investigators such as the US Securities and Exchange Commission (“SEC”) and Department of Justice (“DOJ”). For the first time, the GDPR requires that personal data breaches are reported to the ICO unless there is unlikely to be a risk to the rights and freedoms of data subjects. Timing is critical, with notification necessary as soon as feasible, and not later than 72 hours of the controller becoming aware of a breach.

Subject to certain defences, offences under the DPA such as “blagging” (broadly, obtaining or disclosing personal data without the data controller’s consent) are prosecuted in the criminal courts and can lead to unlimited fines. Corporates and their directors may also be found liable where offences are committed with the consent, connivance or neglect of those directors or company officers.

The ICO may also impose very substantial monetary penalties on data controllers for breaches of the GDPR, in some instances up to €20 million or 4% of total worldwide turnover, whichever is the higher.

BCL advises businesses and individuals with regard to data security, data protection policies, ICO investigations and audits, GDPR compliance and the defence of criminal and administrative proceedings under the data protection legislation. We assist in crisis management with reference to the reporting of data breaches and criminal liability, as well as Norwich Pharmacal relief and the strategic use of subject access requests and requests under the Freedom of Information Act 2000

Contact the Team

  • +44 (0)20 7430 2277
  • law@bcl.com
null

Michael Drury

Partner
null

Julian Hayes

Partner

Related Services

Cyber Crime

Cyber crime and cyber security are receiving increasing global attention due to online activity being prevalent in day to day life and the associated rapid growth of online data…

Read more

Surveillance & Interception

The Regulation of Investigatory Powers Act 2000 (“RIPA”) provides a statutory framework to allow public authorities, including the police and intelligence services, to conduct interception and surveillance activities…

Read more

Corporate & Director Liability

BCL’s large team of specialist lawyers acts for corporates and/or directors and senior managers in investigations by all major UK law enforcement agencies, as well as in relation to international and multi-jurisdictional investigations…

Read more

Contact Us

  • Tel: +44 (0)20 7430 2277
    Fax: +44 (0)20 7430 1101
  • law@bcl.com
  • 51 Lincoln's Inn Fields
    London WC2A 3LZ

    DX 37981 Kingsway

Latest News & Insights

  • The online harms bill misses the point – Michael Drury and Julian Hayes write for The Times
  • Protecting the protectors: Calls for emergency legislation to prevent the prosecution of healthcare professionals when treating COVID-19 patients 
  • Licence to kill – will undercover criminal activity be lawful for all purposes?

Accreditations

  • Home
  • People
  • Videos
  • Corporate Social Responsibility
  • Diversity
  • Legal Notices
  • Transparency
  • Privacy Policy
Copyright © 2021 BCL Solicitors LLP. All rights reserved.

Cookies

This website uses cookies to ensure you get the best experience on our website. More info.