Data

In a landmark ruling, the UK’s highest court has cleared UK supermarket Morrisons of vicarious liability for the actions of a rogue employee – but claimants in other cases may still be able to hold data controllers indirectly liable.

https://globaldatareview.com/cybersecurity/morrisons-not-liable-rogue-employee-data-breach

The company has seen a 535% rise in daily traffic in the past month, but security researchers say the app is a ‘privacy disaster’

https://www.theguardian.com/technology/2020/apr/02/zoom-technology-security-coronavirus-video-conferencing?CMP=share_btn_tw

The success of Morrisons’ appeal against judgments that it should be held vicariously liable for an insider data breach will be welcomed by businesses, but may be of limited comfort to them

https://www.computerweekly.com/news/252481056/Morrisons-appeal-success-is-cold-comfort-for-enterprises

Most UK consumers are concerned about data privacy, but think it’s too late to do much about it, according to a report

Insurance giant Chubb confirmed it is investigating an incident that may involve the Maze ransomware group, which claims to have stolen sensitive data from the company.

Kitchenware brand removes active digital credit card skimmer from its website and insists it takes security seriously despite ignoring repeated attempts to contact it

https://www.computerweekly.com/news/252480661/Tupperware-fixes-hacked-site-but-questions-remain-over-response

New guidance has been prepared to help arbitration professionals meet their obligations under data protection law when handling data as part of arbitral proceedings.

Data protection law does not prevent organisations taking steps to address the spread of coronavirus, regulators have said.

It was announced in January 2020 that the Information Commissioner’s Office (ICO) would be fining high street retailer Dixons Carphone the maximum pre GDPR data breach fine of £500,000.

https://www.legalfutures.co.uk/associate-news/short-changed-security-systems-at-dixons-carphone-undermines-high-street-confidence

Specific guidance on the pursuit of "data rights" against an insolvent company would help insolvency practitioners comply with UK data protection law.