Press Review


Contractor UK

GDPR: An IT Contractor’s Who’s Who

Editor’s NoteThis is the first instalment of a two-part GDPR guide by Gerrish Legal founding lawyer Charlotte Gerrish #legalbusinesspartner, who has more than 10 years of legal experience at international law firms and companies in London. 

It’s not just ‘personal data’ and ‘processing’ that the GDPR – due to hit from next month – covers, writes Charlotte Gerrish, founding lawyer at data law consultancy Gerrish Legal.

In the human sense, the General Data Protection Regulation effective in the UK from May 25th 2018 applies to ‘Data Processors,’ ‘Sub-Processors’ and ‘Data Controllers.’

More coverage:
GDPR for IT contractors: how to comply -- and cash-in
GDPR for IT contractors: how to update your data practices
How to quickly check client GDPR-compliance
What a GDPR-proof Data Processing Contract looks like


The GDPR is on its way towards implementation into French law following a constitutional challenge

Following on from the article published on the on 24 January 2018 “French GDPR Implementation Bill – for French Data Protection Authority (“CNIL”) it could not come soon enough!”, Charlotte Gerrish provides us with the latest update on the status of the French GDPR Implementation Bill which, after surviving an attack of “unconstitutionality” before the French Constitutional Council, is now on its way into force.

More coverage:
French GDPR Implementation Bill – for French Data Protection Authority (“CNIL”) it could not come soon enough!


The political implications of a French court decision on data subject rights*

*originally appeared on the IAPP’s Privacy Perspectives page

This article sets out the scope of that judgment in light of the legal climate, the French court’s approach to failure by data controllers to respect data subject rights, whether by negligence or otherwise, and the political undertones that the decision may yield.


Cambridge Analytica and Facebook: A wake-up call

The DPA will be able to issue administrative fines for the first time. Charlotte Gerrish reports on the Bill’s provisions and current status.

Village de la Justice

Le « California Consumer Privacy Act » : Un Timide RGPD Americain?

Au lendemain du scandale de « Cambridge Analytica » et de l’entrée en vigueur du Règlement Général sur la Protection des Données européennes (RGPD), l’État de la Sillicon Valley rejoint la position européenne en adoptant le California Consumer Privacy Act, une loi protectrice des données personnelles collectées par les entreprises, qui entrera en vigueur le 1er janvier 2020.

More coverage:
Votre contrat de traitement de données est-il conforme au RGPD?
La nouvelle "Copyright Directive" : à l’heure du numérique, les controverses sont-elles justifiées?
De la lutte efficace contre les contenus haineux en ligne.
Google, la High Court de Londres et le droit à l’oubli : quelles évolutions après l’entrée en vigueur du RGPD?
"Fake news" et loi relative à la lutte contre la manipulation de l’information : que résout le projet de loi?