December 13, 2018

December 12, 2018

Subscribe to Latest Legal News and Analysis

December 11, 2018

Subscribe to Latest Legal News and Analysis

December 10, 2018

Subscribe to Latest Legal News and Analysis

UK’s Data Protection Authority Enforces GDPR

The UK’s Information Commissioner’s Office (ICO) has issued its first GDPR notice to Canadian data analytics firm AggregateIQ Data Services Ltd. The company uses personal data to target political advertising at voters prior to elections. The ICO was concerned about the firm’s use of targeted advertising in the UK’s 2016 EU referendum and the 2016 US presidential election, something the ICO is otherwise investigating. In this case, the ICO accused AggregateIQ of failing to follow GDPR by using personal information without a legal basis under GDPR, and using it in ways that people would not have expected when they provided it. Although the data was gathered before GDPR went into effect on May 25, 2018, the ICO stated that GDPR applies due to AggregateIQ’s continued retention and processing of the information about UK residents after that date.

The ICO found that enforcement action was justified because AggregateIQ’s improper use was likely to cause “damage or distress” to the affected people. The ICO’s notice instructs AggregateIQ to cease all use of UK or EU citizens’ personal data for analytics and advertising, political or otherwise. Failure to comply could result in a fine of up to four percent of the company’s annual revenue, or 20 million euros, whichever is greater. AggregateIQ has appealed the notice to the UK’s First-tier Tribunal for Information Rights.

Putting it Into Practice: This case is a reminder that regulators are gearing up to enforce GDPR. Of note here are both that the entity was Canadian, and that the information was collected prior to GDPR coming into effect.

Copyright © 2018, Sheppard Mullin Richter & Hampton LLP.

TRENDING LEGAL ANALYSIS


About this Author

Liisa Thomas, Sheppard Mullin Law Firm, Chicago, Cybersecurity Law Attorney
Partner

Liisa Thomas, a partner based in the firm’s Chicago and London offices, is Co-Chair of the Privacy and Cybersecurity Practice. Her clients rely on her ability to create clarity in a sea of confusing legal requirements and describe her as “extremely responsive, while providing thoughtful legal analysis combined with real world practical advice.” Liisa is the author of the definitive treatise on data breach, Thomas on Data Breach: A Practical Guide to Handling Worldwide Data Breach Notification, which has been described as “a no-nonsense roadmap for in-house and...

312-499-6335
Shanna Pearce, Sheppard Mullin, San Diego, litigation, class action, intellectual property, IP, copyrights, false advertising, commercial litigation, lanham act, unfair competition
Associate

Ms. Pearce represents businesses in the areas of intellectual property and commercial litigation, from trademark and copyright matters to consumer class actions. She has represented Fortune 500 companies in complex actions involving allegations of copyright violation, breach of contract, fraud, and unfair business practices. She has also defended retailers and financial institutions in class actions alleging violations of statute and federal laws relating to false advertising, unfair competition, pricing practices, and lending disclosures. Ms. Pearce’s litigation experience ranges from pre-suit strategy and advice to post-trial proceedings, with a special focus on appellate issues. She also has significant experience in private domestic and international arbitrations.

Ms. Pearce co-chairs the Bench-Bar Committee of Lawyers Club of San Diego, and is an active member of both the San Diego County Bar Association Appellate Section and the San Diego Appellate Inn of Court. She is a member of Sheppard Mullin’s own Pro Bono Committee and coordinates pro bono training and case placement in the Del Mar office. Ms. Pearce’s pro bono practice focuses on asylum and other immigration matters for victims of persecution, torture, and domestic violence.

858-720-7475