SlideShare une entreprise Scribd logo

Google inc-enforcement-notice-11062013

Greg Sterling
Greg Sterling
TechnologieBusiness
1  sur  7
Télécharger pour lire hors ligne
1 DATA PROTECTION ACT 1998 SUPERVISORY POWERS OF THE INFORMATION COMMISSIONER ENFORCEMENT NOTICE DATED 11 June 2013 To: Google Inc. of: 1600 Ampitheatre Parkway Mountain View CA 94043 USA 1. Google Inc. is the data controller, as defined in section 1(1) of the Data Protection Act 1998 (the “Act”), in respect of the processing of personal data carried on by Google Inc. and is referred to in this notice as the “data controller”. Section 4(4) of the Act provides that, subject to section 27(1) of the Act, it is the duty of a data controller to comply with the data protection principles in relation to all personal data with respect to which he is the data controller. 2. The Act came into force on 1 March 2000 and repealed the Data Protection Act 1984 (the “1984 Act”). By virtue of section 6(1) of the Act, the office of Data Protection Registrar originally established by section 3(1)(a) of the 1984 Act became known as the Data Protection Commissioner. From 30 January 2001, by virtue of section 18(1) of the Freedom of Information Act 2000 the Data Protection Commissioner became known instead as the Information Commissioner (the “Commissioner”). 3. On 14 May 2010, the Commissioner became aware that the data controller’s Street View vehicles (adapted to collect publicly available Wi-Fi radio signals) had mistakenly collected payload data including email addresses, URLs and passwords relating to thousands of individuals. The data controller had intended to identify Wi-Fi networks and map their approximate location using the vehicle’s GPS co-ordinates when the radio signal was
2 received. The aim was to improve the geographic location database for location-based mobile applications. 4. In view of the remedial action taken by the data controller, the Commissioner decided to accept an undertaking dated 18 November 2010 (the “undertaking”) in which the data controller agreed (among other things) to “delete payload data that has been identified as having been collected by Google in the UK, to the extent that Google has no other outstanding legal obligation to retain such data.” 5. The data controller wrote to the Commissioner’s office on 27 July and 6 September 2012 admitting that they had accidentally retained four discs containing payload data collected in the UK. They were discovered in February 2012 when the data controller uncovered an irregularity in the quarantine disk inventory used to record the hard drives containing payload data. This irregularity had caused the drives to be omitted from the destruction process which the data controller had implemented after providing the undertaking. The Commissioner understands that the discs had been kept in quarantine cages and had not been accessed. However, the payload data should have been deleted. 6. On 5 October 2012, the data controller notified the Commissioner’s office that a fifth disc which may contain UK data had been discovered although some of the data held on the disc had not been collected in the UK so it is outside the Commissioner’s jurisdiction. 7. The Commissioner has considered a report on the issues arising out of the correspondence referred to in paragraphs 5 and 6 above, in addition to the further correspondence entered into with the data controller concerning this matter. The Commissioner has further considered the data controller’s compliance with the provisions of the Act in light of this matter. The relevant provision of the Act is the Fifth Data Protection Principle. 8. The Fifth Data Protection Principle provides, at Part I of Schedule 1 to the Act, that: “Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.” 9. The Commissioner is of the view that, in respect of the retention of payload data collected by Street View vehicles in the UK, the data controller has contravened the Fifth Data Protection Principle
3 in that they did not erase the payload data referred to in paragraph 5 above. 10. The data controller has given an explanation for their failure to erase the payload data referred to in paragraph 5 above. However, the Commissioner is still concerned that other discs holding payload data may have been overlooked during the destruction process. 11. The Commissioner considered, as he is required to do under section 40(2) of the Act when deciding whether to serve an Enforcement Notice, whether any contravention has caused or is likely to cause any person damage or distress. The Commissioner took the view that the likelihood of distress is self- evident. Individuals whose personal data has been collected by the data controller are likely to suffer worry and anxiety on account of the fact that other discs holding payload data may not have been destroyed. In view of the matters referred to above the Commissioner hereby gives notice that, in exercise of his powers under section 40 of the Act, he requires that: (1) Within 35 days of the date of this notice the data controller shall securely destroy any personal data within the meaning of the Data Protection Act 1998 held on vehicle discs and collected in the UK using Street View vehicles (to the extent that the data controller has no other legal obligations to retain such data) and, (2) If the data controller subsequently discovers a Street View vehicle disk holding personal data and collected in the UK it shall promptly inform the Information Commissioner. Right of Appeal There is a right of appeal against this Notice to the First-tier Tribunal (Information Rights), part of the General Regulatory Chamber. Information about appeals is set out in the attached Annex 1. Any Notice of Appeal should be served on the Tribunal within 28 days of the date on which this Notice is served. If the Notice of Appeal is served late the Tribunal will not accept it unless it is of the opinion that it is just and right to do so by reason of special circumstances. Dated the 11th day of June 2013
4 Signed: …………………………………..... David Smith Deputy Information Commissioner Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF
5 ANNEX 1 THE DATA PROTECTION ACT 1998 (PART V, SECTION 40) RIGHTS OF APPEAL AGAINST DECISIONS OF THE COMMISSIONER 1. Section 48 of the Data Protection Act 1998 gives any person upon whom an enforcement notice or an information notice has been served a right of appeal to the First-tier Tribunal (General Regulatory Chamber) (the “Tribunal”) against the notice. 2. If you decide to appeal and if the Tribunal considers: a) that the notice against which the appeal is brought is not in accordance with the law; or b) to the extent that the notice involved an exercise of discretion by the Commissioner, that he ought to have exercised his discretion differently, the Tribunal will allow the appeal or substitute such other decision as could have been made by the Commissioner. In any other case the Tribunal will dismiss the appeal. 3. You may bring an appeal by serving a notice of appeal on the Tribunal at the following address: GRC & GRP Tribunals PO Box 9300 Arnhem House 31 Waterloo Way Leicester LE1 8DJ a) The notice of appeal should be served on the Tribunal within 28 days of the date on which notice of the Commissioner's decision was served on or given to you. b) If your notice of appeal is late the Tribunal will not accept it unless it is of the opinion that it is just and right to do so by reason of special circumstances. c) If you send your notice of appeal by post to the Tribunal, either in a registered letter or by the recorded delivery service, it will be treated as having been served on the
6 Tribunal on the date on which it is received for dispatch by the Post Office. 4. The notice of appeal should state: a) your name and address; b) the decision which you are disputing and the date on which the notice relating to such decision was served on or given to you; c) the grounds of your appeal; d) whether you consider that you are likely to wish a hearing to be held by the Tribunal or not; e) if you have exceeded the 28 day time limit mentioned above the special circumstances which you consider justify the acceptance of your notice of appeal by the Tribunal; and f) an address for service of notices and other documents on you. In addition, a notice of appeal may include a request for an early hearing of the appeal and the reasons for that request. 5. By virtue of section 40(7), an enforcement notice may not require any of the provisions of the notice to be complied with before the end of the period in which an appeal can be brought and, if such an appeal is brought, the notice need not be complied with pending the determination or withdrawal of the appeal. However, section 40(7) does not apply where the notice contains a statement that the Commissioner considers that the notice should be complied with as a matter of urgency. Section 48(3) provides that where an enforcement notice contains a statement that the notice should be complied with as a matter of urgency then, whether or not you intend to appeal against the notice, you may appeal against – (a) the Commissioner’s decision to include the statement in the notice, or (b) the effect of the inclusion of the statement as respects any part of the notice. 6. Before deciding whether or not to appeal you may wish to consult your solicitor or another adviser. At the hearing of an appeal a party may conduct his case himself or may be represented by any person whom he may appoint for that purpose.
7 7. The statutory provisions concerning appeals to the First-tier Tribunal (General Regulatory Chamber) are contained in sections 48 and 49 of, and Schedule 6 to, the Data Protection Act 1998, and the Tribunal Procedure (First-tier Tribunal) (General Regulatory Chamber) Rules 2009 Statutory Instrument 2009 No. 1976 (L.20).

Recommandé

Factsheet data protection and Right to be Forgotten
Factsheet data protection and Right to be ForgottenFactsheet data protection and Right to be Forgotten
Factsheet data protection and Right to be ForgottenEdouard Nguyen
 
Factsheet data protection_en
Factsheet data protection_enFactsheet data protection_en
Factsheet data protection_enGreg Sterling
 
Uk data retention review ver 3.0
Uk data retention review ver 3.0Uk data retention review ver 3.0
Uk data retention review ver 3.0Amr El-Deeb
 
CJEU decision on Schrems
CJEU decision on SchremsCJEU decision on Schrems
CJEU decision on SchremsGreg Sterling
 
20200724 edpb faqoncjeuc31118
20200724 edpb faqoncjeuc3111820200724 edpb faqoncjeuc31118
20200724 edpb faqoncjeuc31118Internet Law Center
 
ECJ Press Release in Schrems II Decision
ECJ Press Release in Schrems II DecisionECJ Press Release in Schrems II Decision
ECJ Press Release in Schrems II DecisionInternet Law Center
 
Fpr pd28 a
Fpr pd28 aFpr pd28 a
Fpr pd28 aPAINalison
 
Bulletin - US-EU Data Privacy Safe Harbor Program Invalidated
Bulletin - US-EU Data Privacy Safe Harbor Program InvalidatedBulletin - US-EU Data Privacy Safe Harbor Program Invalidated
Bulletin - US-EU Data Privacy Safe Harbor Program InvalidatedCohenGrigsby
 

Recommandé

Factsheet data protection and Right to be Forgotten
Factsheet data protection and Right to be ForgottenFactsheet data protection and Right to be Forgotten
Factsheet data protection and Right to be ForgottenEdouard Nguyen
 
Factsheet data protection_en
Factsheet data protection_enFactsheet data protection_en
Factsheet data protection_enGreg Sterling
 
Uk data retention review ver 3.0
Uk data retention review ver 3.0Uk data retention review ver 3.0
Uk data retention review ver 3.0Amr El-Deeb
 
CJEU decision on Schrems
CJEU decision on SchremsCJEU decision on Schrems
CJEU decision on SchremsGreg Sterling
 
20200724 edpb faqoncjeuc31118
20200724 edpb faqoncjeuc3111820200724 edpb faqoncjeuc31118
20200724 edpb faqoncjeuc31118Internet Law Center
 
ECJ Press Release in Schrems II Decision
ECJ Press Release in Schrems II DecisionECJ Press Release in Schrems II Decision
ECJ Press Release in Schrems II DecisionInternet Law Center
 
Fpr pd28 a
Fpr pd28 aFpr pd28 a
Fpr pd28 aPAINalison
 
Bulletin - US-EU Data Privacy Safe Harbor Program Invalidated
Bulletin - US-EU Data Privacy Safe Harbor Program InvalidatedBulletin - US-EU Data Privacy Safe Harbor Program Invalidated
Bulletin - US-EU Data Privacy Safe Harbor Program InvalidatedCohenGrigsby
 
Case of lucky dev v. sweden
Case of lucky dev v. swedenCase of lucky dev v. sweden
Case of lucky dev v. swedenGuillermo Ruiz Zapatero
 
Mp hc wp 8914 2020_order_19-apr-2021
Mp hc wp 8914 2020_order_19-apr-2021Mp hc wp 8914 2020_order_19-apr-2021
Mp hc wp 8914 2020_order_19-apr-2021sabrangsabrang
 
Fpr pd6 a
Fpr pd6 aFpr pd6 a
Fpr pd6 aPAINalison
 
Eu council-dp-reg-ms-positions-9897-rev2-12
Eu council-dp-reg-ms-positions-9897-rev2-12Eu council-dp-reg-ms-positions-9897-rev2-12
Eu council-dp-reg-ms-positions-9897-rev2-12agcrre
 
Ftc national
Ftc nationalFtc national
Ftc nationalmzamoralaw
 
Gia 569 2018 determ r
Gia 569 2018 determ rGia 569 2018 determ r
Gia 569 2018 determ rJohn Smith
 
Joffe v-google-9th-cir-opin
Joffe v-google-9th-cir-opinJoffe v-google-9th-cir-opin
Joffe v-google-9th-cir-opinGreg Sterling
 
FTC Complaint v InMobi
FTC Complaint v InMobiFTC Complaint v InMobi
FTC Complaint v InMobiGreg Sterling
 
How google fights piracy 2016
How google fights piracy 2016How google fights piracy 2016
How google fights piracy 2016Greg Sterling
 
European Court of Justice Press Release GS Media vs. Sanoma
European Court of Justice Press Release GS Media vs. SanomaEuropean Court of Justice Press Release GS Media vs. Sanoma
European Court of Justice Press Release GS Media vs. SanomaGreg Sterling
 
E ventures worldwide v. google
E ventures worldwide v. googleE ventures worldwide v. google
E ventures worldwide v. googleGreg Sterling
 
1 2016-593-en-f1-1-1
1 2016-593-en-f1-1-11 2016-593-en-f1-1-1
1 2016-593-en-f1-1-1Greg Sterling
 
Google viacom-kids-cookie-tracking
Google viacom-kids-cookie-trackingGoogle viacom-kids-cookie-tracking
Google viacom-kids-cookie-trackingGreg Sterling
 
170206 vizio 2017.02.06_complaint
170206 vizio 2017.02.06_complaint170206 vizio 2017.02.06_complaint
170206 vizio 2017.02.06_complaintGreg Sterling
 
Factsheet on the "Right to be Forgotten" ruling
Factsheet on the "Right to be Forgotten" rulingFactsheet on the "Right to be Forgotten" ruling
Factsheet on the "Right to be Forgotten" rulingSilesia SEM
 
Right to be forgotten en
Right to be forgotten enRight to be forgotten en
Right to be forgotten enLoyanne Rathburn-Dintelmann
 
Help direct-enforcement-notice
Help direct-enforcement-noticeHelp direct-enforcement-notice
Help direct-enforcement-noticeVanessa L garcia
 
Fisc final rules feb 2006
Fisc final rules feb 2006Fisc final rules feb 2006
Fisc final rules feb 2006AnonDownload
 
After Schrems, how lawful is cloud storage?
After Schrems, how lawful is cloud storage?After Schrems, how lawful is cloud storage?
After Schrems, how lawful is cloud storage?Seb Oram
 
FOI reply from MoJ regarding meetings between Grayling and BFG representatives
FOI reply from MoJ regarding meetings between Grayling and BFG representativesFOI reply from MoJ regarding meetings between Grayling and BFG representatives
FOI reply from MoJ regarding meetings between Grayling and BFG representativesbjknight
 
Patents 101 Part 4 - Applying for a Patent
Patents 101 Part 4 - Applying for a PatentPatents 101 Part 4 - Applying for a Patent
Patents 101 Part 4 - Applying for a PatentJane Lambert
 
Second Appeal against CIC New Delhi for Non-Implementation of Section 7(1) of...
Second Appeal against CIC New Delhi for Non-Implementation of Section 7(1) of...Second Appeal against CIC New Delhi for Non-Implementation of Section 7(1) of...
Second Appeal against CIC New Delhi for Non-Implementation of Section 7(1) of...Om Prakash Poddar
 

Contenu connexe

Tendances

Mp hc wp 8914 2020_order_19-apr-2021
Mp hc wp 8914 2020_order_19-apr-2021Mp hc wp 8914 2020_order_19-apr-2021
Mp hc wp 8914 2020_order_19-apr-2021sabrangsabrang
 
Eu council-dp-reg-ms-positions-9897-rev2-12
Eu council-dp-reg-ms-positions-9897-rev2-12Eu council-dp-reg-ms-positions-9897-rev2-12
Eu council-dp-reg-ms-positions-9897-rev2-12agcrre
 
Gia 569 2018 determ r
Gia 569 2018 determ rGia 569 2018 determ r
Gia 569 2018 determ rJohn Smith
 

Tendances (6)

Case of lucky dev v. sweden
Case of lucky dev v. swedenCase of lucky dev v. sweden
Case of lucky dev v. sweden
 
Mp hc wp 8914 2020_order_19-apr-2021
Mp hc wp 8914 2020_order_19-apr-2021Mp hc wp 8914 2020_order_19-apr-2021
Mp hc wp 8914 2020_order_19-apr-2021
 
Fpr pd6 a
Fpr pd6 aFpr pd6 a
Fpr pd6 a
 
Eu council-dp-reg-ms-positions-9897-rev2-12
Eu council-dp-reg-ms-positions-9897-rev2-12Eu council-dp-reg-ms-positions-9897-rev2-12
Eu council-dp-reg-ms-positions-9897-rev2-12
 
Ftc national
Ftc nationalFtc national
Ftc national
 
Gia 569 2018 determ r
Gia 569 2018 determ rGia 569 2018 determ r
Gia 569 2018 determ r
 

En vedette

Joffe v-google-9th-cir-opin
Joffe v-google-9th-cir-opinJoffe v-google-9th-cir-opin
Joffe v-google-9th-cir-opinGreg Sterling
 
FTC Complaint v InMobi
FTC Complaint v InMobiFTC Complaint v InMobi
FTC Complaint v InMobiGreg Sterling
 
How google fights piracy 2016
How google fights piracy 2016How google fights piracy 2016
How google fights piracy 2016Greg Sterling
 
European Court of Justice Press Release GS Media vs. Sanoma
European Court of Justice Press Release GS Media vs. SanomaEuropean Court of Justice Press Release GS Media vs. Sanoma
European Court of Justice Press Release GS Media vs. SanomaGreg Sterling
 
E ventures worldwide v. google
E ventures worldwide v. googleE ventures worldwide v. google
E ventures worldwide v. googleGreg Sterling
 
1 2016-593-en-f1-1-1
1 2016-593-en-f1-1-11 2016-593-en-f1-1-1
1 2016-593-en-f1-1-1Greg Sterling
 
Google viacom-kids-cookie-tracking
Google viacom-kids-cookie-trackingGoogle viacom-kids-cookie-tracking
Google viacom-kids-cookie-trackingGreg Sterling
 
170206 vizio 2017.02.06_complaint
170206 vizio 2017.02.06_complaint170206 vizio 2017.02.06_complaint
170206 vizio 2017.02.06_complaintGreg Sterling
 

En vedette (8)

Joffe v-google-9th-cir-opin
Joffe v-google-9th-cir-opinJoffe v-google-9th-cir-opin
Joffe v-google-9th-cir-opin
 
FTC Complaint v InMobi
FTC Complaint v InMobiFTC Complaint v InMobi
FTC Complaint v InMobi
 
How google fights piracy 2016
How google fights piracy 2016How google fights piracy 2016
How google fights piracy 2016
 
European Court of Justice Press Release GS Media vs. Sanoma
European Court of Justice Press Release GS Media vs. SanomaEuropean Court of Justice Press Release GS Media vs. Sanoma
European Court of Justice Press Release GS Media vs. Sanoma
 
E ventures worldwide v. google
E ventures worldwide v. googleE ventures worldwide v. google
E ventures worldwide v. google
 
1 2016-593-en-f1-1-1
1 2016-593-en-f1-1-11 2016-593-en-f1-1-1
1 2016-593-en-f1-1-1
 
Google viacom-kids-cookie-tracking
Google viacom-kids-cookie-trackingGoogle viacom-kids-cookie-tracking
Google viacom-kids-cookie-tracking
 
170206 vizio 2017.02.06_complaint
170206 vizio 2017.02.06_complaint170206 vizio 2017.02.06_complaint
170206 vizio 2017.02.06_complaint
 

Similaire à Google inc-enforcement-notice-11062013

Factsheet on the "Right to be Forgotten" ruling
Factsheet on the "Right to be Forgotten" rulingFactsheet on the "Right to be Forgotten" ruling
Factsheet on the "Right to be Forgotten" rulingSilesia SEM
 
Help direct-enforcement-notice
Help direct-enforcement-noticeHelp direct-enforcement-notice
Help direct-enforcement-noticeVanessa L garcia
 
Fisc final rules feb 2006
Fisc final rules feb 2006Fisc final rules feb 2006
Fisc final rules feb 2006AnonDownload
 
After Schrems, how lawful is cloud storage?
After Schrems, how lawful is cloud storage?After Schrems, how lawful is cloud storage?
After Schrems, how lawful is cloud storage?Seb Oram
 
FOI reply from MoJ regarding meetings between Grayling and BFG representatives
FOI reply from MoJ regarding meetings between Grayling and BFG representativesFOI reply from MoJ regarding meetings between Grayling and BFG representatives
FOI reply from MoJ regarding meetings between Grayling and BFG representativesbjknight
 
Patents 101 Part 4 - Applying for a Patent
Patents 101 Part 4 - Applying for a PatentPatents 101 Part 4 - Applying for a Patent
Patents 101 Part 4 - Applying for a PatentJane Lambert
 
Second Appeal against CIC New Delhi for Non-Implementation of Section 7(1) of...
Second Appeal against CIC New Delhi for Non-Implementation of Section 7(1) of...Second Appeal against CIC New Delhi for Non-Implementation of Section 7(1) of...
Second Appeal against CIC New Delhi for Non-Implementation of Section 7(1) of...Om Prakash Poddar
 
Aristocrat technologies 15 dec2008
Aristocrat technologies 15 dec2008Aristocrat technologies 15 dec2008
Aristocrat technologies 15 dec2008Sondhaya Sudhamasapa
 
Group 5 Banking Laws Semi Finals.pptx
Group 5 Banking Laws Semi Finals.pptxGroup 5 Banking Laws Semi Finals.pptx
Group 5 Banking Laws Semi Finals.pptxStephenQuijano3
 
First appeal against CIC New Delhi dated 24.01.2017 for Non- Implementation ...
First appeal against CIC New Delhi dated 24.01.2017 for Non- Implementation ...First appeal against CIC New Delhi dated 24.01.2017 for Non- Implementation ...
First appeal against CIC New Delhi dated 24.01.2017 for Non- Implementation ...Om Prakash Poddar
 
Google Spain and its Aftermath 2014-2023: An EU and UK GDPR Perspective
Google Spain and its Aftermath 2014-2023: An EU and UK GDPR PerspectiveGoogle Spain and its Aftermath 2014-2023: An EU and UK GDPR Perspective
Google Spain and its Aftermath 2014-2023: An EU and UK GDPR PerspectiveDavid Erdos
 
presentation on Rti
presentation on Rti presentation on Rti
presentation on Rti Dipesh Karade
 

Similaire à Google inc-enforcement-notice-11062013 (20)

Factsheet on the "Right to be Forgotten" ruling
Factsheet on the "Right to be Forgotten" rulingFactsheet on the "Right to be Forgotten" ruling
Factsheet on the "Right to be Forgotten" ruling
 
Right to be forgotten en
Right to be forgotten enRight to be forgotten en
Right to be forgotten en
 
Help direct-enforcement-notice
Help direct-enforcement-noticeHelp direct-enforcement-notice
Help direct-enforcement-notice
 
Fisc final rules feb 2006
Fisc final rules feb 2006Fisc final rules feb 2006
Fisc final rules feb 2006
 
After Schrems, how lawful is cloud storage?
After Schrems, how lawful is cloud storage?After Schrems, how lawful is cloud storage?
After Schrems, how lawful is cloud storage?
 
FOI reply from MoJ regarding meetings between Grayling and BFG representatives
FOI reply from MoJ regarding meetings between Grayling and BFG representativesFOI reply from MoJ regarding meetings between Grayling and BFG representatives
FOI reply from MoJ regarding meetings between Grayling and BFG representatives
 
Patents 101 Part 4 - Applying for a Patent
Patents 101 Part 4 - Applying for a PatentPatents 101 Part 4 - Applying for a Patent
Patents 101 Part 4 - Applying for a Patent
 
Second Appeal against CIC New Delhi for Non-Implementation of Section 7(1) of...
Second Appeal against CIC New Delhi for Non-Implementation of Section 7(1) of...Second Appeal against CIC New Delhi for Non-Implementation of Section 7(1) of...
Second Appeal against CIC New Delhi for Non-Implementation of Section 7(1) of...
 
Aristocrat technologies 15 dec2008
Aristocrat technologies 15 dec2008Aristocrat technologies 15 dec2008
Aristocrat technologies 15 dec2008
 
Legal Dimension of Indian RTI Act.
Legal Dimension of Indian RTI Act.Legal Dimension of Indian RTI Act.
Legal Dimension of Indian RTI Act.
 
Fpr pd12 i
Fpr pd12 iFpr pd12 i
Fpr pd12 i
 
RTI ACT 2005 PART-III
RTI ACT 2005 PART-IIIRTI ACT 2005 PART-III
RTI ACT 2005 PART-III
 
Slides presentation RU schrems mr. drs. Mark jansen Dirkzwager advocaten & ...
Slides presentation RU schrems mr. drs. Mark jansen Dirkzwager advocaten & ...Slides presentation RU schrems mr. drs. Mark jansen Dirkzwager advocaten & ...
Slides presentation RU schrems mr. drs. Mark jansen Dirkzwager advocaten & ...
 
Group 5 Banking Laws Semi Finals.pptx
Group 5 Banking Laws Semi Finals.pptxGroup 5 Banking Laws Semi Finals.pptx
Group 5 Banking Laws Semi Finals.pptx
 
February-March2015Christensen
February-March2015ChristensenFebruary-March2015Christensen
February-March2015Christensen
 
First appeal against CIC New Delhi dated 24.01.2017 for Non- Implementation ...
First appeal against CIC New Delhi dated 24.01.2017 for Non- Implementation ...First appeal against CIC New Delhi dated 24.01.2017 for Non- Implementation ...
First appeal against CIC New Delhi dated 24.01.2017 for Non- Implementation ...
 
Google Spain and its Aftermath 2014-2023: An EU and UK GDPR Perspective
Google Spain and its Aftermath 2014-2023: An EU and UK GDPR PerspectiveGoogle Spain and its Aftermath 2014-2023: An EU and UK GDPR Perspective
Google Spain and its Aftermath 2014-2023: An EU and UK GDPR Perspective
 
presentation on Rti
presentation on Rti presentation on Rti
presentation on Rti
 
EU-US Data Privacy Framework
EU-US Data Privacy FrameworkEU-US Data Privacy Framework
EU-US Data Privacy Framework
 
RTI Act, 2005.pptx
RTI Act, 2005.pptxRTI Act, 2005.pptx
RTI Act, 2005.pptx
 

Plus de Greg Sterling

Ab 1760 -_amendments
Ab 1760 -_amendmentsAb 1760 -_amendments
Ab 1760 -_amendmentsGreg Sterling
 
Joint ad trade letter to ag becerra re ccpa 1.31.2019
Joint ad trade letter to ag becerra re ccpa 1.31.2019Joint ad trade letter to ag becerra re ccpa 1.31.2019
Joint ad trade letter to ag becerra re ccpa 1.31.2019Greg Sterling
 
Goldman v breitbart_-_opinion
Goldman v breitbart_-_opinionGoldman v breitbart_-_opinion
Goldman v breitbart_-_opinionGreg Sterling
 
Google genericide-cert-petition
Google genericide-cert-petitionGoogle genericide-cert-petition
Google genericide-cert-petitionGreg Sterling
 
Filed copy-first-amended-complaint-baldino-v-google-january-13-2017-1
Filed copy-first-amended-complaint-baldino-v-google-january-13-2017-1Filed copy-first-amended-complaint-baldino-v-google-january-13-2017-1
Filed copy-first-amended-complaint-baldino-v-google-january-13-2017-1Greg Sterling
 
Amazon motion to quash echo-search
Amazon motion to quash echo-searchAmazon motion to quash echo-search
Amazon motion to quash echo-searchGreg Sterling
 
Google search bias letter 2016 01-26(1)-1
Google search bias letter 2016 01-26(1)-1Google search bias letter 2016 01-26(1)-1
Google search bias letter 2016 01-26(1)-1Greg Sterling
 
Brave cease and desist final copy
Brave cease and desist final copy Brave cease and desist final copy
Brave cease and desist final copy Greg Sterling
 
160315lordandtaylcmpt
160315lordandtaylcmpt160315lordandtaylcmpt
160315lordandtaylcmptGreg Sterling
 
Google search bias letter Utah-DC
Google search bias letter Utah-DCGoogle search bias letter Utah-DC
Google search bias letter Utah-DCGreg Sterling
 
Uber Promotions vs Uber Technologies
Uber Promotions vs Uber Technologies Uber Promotions vs Uber Technologies
Uber Promotions vs Uber Technologies Greg Sterling
 
Judge Pym order iphone
Judge Pym order iphoneJudge Pym order iphone
Judge Pym order iphoneGreg Sterling
 
Communication from the commission to the institutions december2015
Communication from the commission to the institutions december2015Communication from the commission to the institutions december2015
Communication from the commission to the institutions december2015Greg Sterling
 
Complaint Google v. Local Lighthouse
Complaint Google v. Local LighthouseComplaint Google v. Local Lighthouse
Complaint Google v. Local LighthouseGreg Sterling
 
Phantom alertcomplaint
Phantom alertcomplaintPhantom alertcomplaint
Phantom alertcomplaintGreg Sterling
 
Carnegie mellon google_ad_study
Carnegie mellon google_ad_studyCarnegie mellon google_ad_study
Carnegie mellon google_ad_studyGreg Sterling
 
Consumer watchdog rtbf letter
Consumer watchdog rtbf letterConsumer watchdog rtbf letter
Consumer watchdog rtbf letterGreg Sterling
 
Yelp v-hadeed-virginia-supreme-court-opinion
Yelp v-hadeed-virginia-supreme-court-opinionYelp v-hadeed-virginia-supreme-court-opinion
Yelp v-hadeed-virginia-supreme-court-opinionGreg Sterling
 

Plus de Greg Sterling (20)

Ab 1760 -_amendments
Ab 1760 -_amendmentsAb 1760 -_amendments
Ab 1760 -_amendments
 
Joint ad trade letter to ag becerra re ccpa 1.31.2019
Joint ad trade letter to ag becerra re ccpa 1.31.2019Joint ad trade letter to ag becerra re ccpa 1.31.2019
Joint ad trade letter to ag becerra re ccpa 1.31.2019
 
Goldman v breitbart_-_opinion
Goldman v breitbart_-_opinionGoldman v breitbart_-_opinion
Goldman v breitbart_-_opinion
 
Google genericide-cert-petition
Google genericide-cert-petitionGoogle genericide-cert-petition
Google genericide-cert-petition
 
Elliott v. google
Elliott v. googleElliott v. google
Elliott v. google
 
Filed copy-first-amended-complaint-baldino-v-google-january-13-2017-1
Filed copy-first-amended-complaint-baldino-v-google-january-13-2017-1Filed copy-first-amended-complaint-baldino-v-google-january-13-2017-1
Filed copy-first-amended-complaint-baldino-v-google-january-13-2017-1
 
Amazon motion to quash echo-search
Amazon motion to quash echo-searchAmazon motion to quash echo-search
Amazon motion to quash echo-search
 
Google search bias letter 2016 01-26(1)-1
Google search bias letter 2016 01-26(1)-1Google search bias letter 2016 01-26(1)-1
Google search bias letter 2016 01-26(1)-1
 
Brave cease and desist final copy
Brave cease and desist final copy Brave cease and desist final copy
Brave cease and desist final copy
 
160315lordandtaylcmpt
160315lordandtaylcmpt160315lordandtaylcmpt
160315lordandtaylcmpt
 
Weiss vs google
Weiss vs googleWeiss vs google
Weiss vs google
 
Google search bias letter Utah-DC
Google search bias letter Utah-DCGoogle search bias letter Utah-DC
Google search bias letter Utah-DC
 
Uber Promotions vs Uber Technologies
Uber Promotions vs Uber Technologies Uber Promotions vs Uber Technologies
Uber Promotions vs Uber Technologies
 
Judge Pym order iphone
Judge Pym order iphoneJudge Pym order iphone
Judge Pym order iphone
 
Communication from the commission to the institutions december2015
Communication from the commission to the institutions december2015Communication from the commission to the institutions december2015
Communication from the commission to the institutions december2015
 
Complaint Google v. Local Lighthouse
Complaint Google v. Local LighthouseComplaint Google v. Local Lighthouse
Complaint Google v. Local Lighthouse
 
Phantom alertcomplaint
Phantom alertcomplaintPhantom alertcomplaint
Phantom alertcomplaint
 
Carnegie mellon google_ad_study
Carnegie mellon google_ad_studyCarnegie mellon google_ad_study
Carnegie mellon google_ad_study
 
Consumer watchdog rtbf letter
Consumer watchdog rtbf letterConsumer watchdog rtbf letter
Consumer watchdog rtbf letter
 
Yelp v-hadeed-virginia-supreme-court-opinion
Yelp v-hadeed-virginia-supreme-court-opinionYelp v-hadeed-virginia-supreme-court-opinion
Yelp v-hadeed-virginia-supreme-court-opinion
 

Dernier

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 

Dernier (20)

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 

Google inc-enforcement-notice-11062013

  • 1. 1 DATA PROTECTION ACT 1998 SUPERVISORY POWERS OF THE INFORMATION COMMISSIONER ENFORCEMENT NOTICE DATED 11 June 2013 To: Google Inc. of: 1600 Ampitheatre Parkway Mountain View CA 94043 USA 1. Google Inc. is the data controller, as defined in section 1(1) of the Data Protection Act 1998 (the “Act”), in respect of the processing of personal data carried on by Google Inc. and is referred to in this notice as the “data controller”. Section 4(4) of the Act provides that, subject to section 27(1) of the Act, it is the duty of a data controller to comply with the data protection principles in relation to all personal data with respect to which he is the data controller. 2. The Act came into force on 1 March 2000 and repealed the Data Protection Act 1984 (the “1984 Act”). By virtue of section 6(1) of the Act, the office of Data Protection Registrar originally established by section 3(1)(a) of the 1984 Act became known as the Data Protection Commissioner. From 30 January 2001, by virtue of section 18(1) of the Freedom of Information Act 2000 the Data Protection Commissioner became known instead as the Information Commissioner (the “Commissioner”). 3. On 14 May 2010, the Commissioner became aware that the data controller’s Street View vehicles (adapted to collect publicly available Wi-Fi radio signals) had mistakenly collected payload data including email addresses, URLs and passwords relating to thousands of individuals. The data controller had intended to identify Wi-Fi networks and map their approximate location using the vehicle’s GPS co-ordinates when the radio signal was
  • 2. 2 received. The aim was to improve the geographic location database for location-based mobile applications. 4. In view of the remedial action taken by the data controller, the Commissioner decided to accept an undertaking dated 18 November 2010 (the “undertaking”) in which the data controller agreed (among other things) to “delete payload data that has been identified as having been collected by Google in the UK, to the extent that Google has no other outstanding legal obligation to retain such data.” 5. The data controller wrote to the Commissioner’s office on 27 July and 6 September 2012 admitting that they had accidentally retained four discs containing payload data collected in the UK. They were discovered in February 2012 when the data controller uncovered an irregularity in the quarantine disk inventory used to record the hard drives containing payload data. This irregularity had caused the drives to be omitted from the destruction process which the data controller had implemented after providing the undertaking. The Commissioner understands that the discs had been kept in quarantine cages and had not been accessed. However, the payload data should have been deleted. 6. On 5 October 2012, the data controller notified the Commissioner’s office that a fifth disc which may contain UK data had been discovered although some of the data held on the disc had not been collected in the UK so it is outside the Commissioner’s jurisdiction. 7. The Commissioner has considered a report on the issues arising out of the correspondence referred to in paragraphs 5 and 6 above, in addition to the further correspondence entered into with the data controller concerning this matter. The Commissioner has further considered the data controller’s compliance with the provisions of the Act in light of this matter. The relevant provision of the Act is the Fifth Data Protection Principle. 8. The Fifth Data Protection Principle provides, at Part I of Schedule 1 to the Act, that: “Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.” 9. The Commissioner is of the view that, in respect of the retention of payload data collected by Street View vehicles in the UK, the data controller has contravened the Fifth Data Protection Principle
  • 3. 3 in that they did not erase the payload data referred to in paragraph 5 above. 10. The data controller has given an explanation for their failure to erase the payload data referred to in paragraph 5 above. However, the Commissioner is still concerned that other discs holding payload data may have been overlooked during the destruction process. 11. The Commissioner considered, as he is required to do under section 40(2) of the Act when deciding whether to serve an Enforcement Notice, whether any contravention has caused or is likely to cause any person damage or distress. The Commissioner took the view that the likelihood of distress is self- evident. Individuals whose personal data has been collected by the data controller are likely to suffer worry and anxiety on account of the fact that other discs holding payload data may not have been destroyed. In view of the matters referred to above the Commissioner hereby gives notice that, in exercise of his powers under section 40 of the Act, he requires that: (1) Within 35 days of the date of this notice the data controller shall securely destroy any personal data within the meaning of the Data Protection Act 1998 held on vehicle discs and collected in the UK using Street View vehicles (to the extent that the data controller has no other legal obligations to retain such data) and, (2) If the data controller subsequently discovers a Street View vehicle disk holding personal data and collected in the UK it shall promptly inform the Information Commissioner. Right of Appeal There is a right of appeal against this Notice to the First-tier Tribunal (Information Rights), part of the General Regulatory Chamber. Information about appeals is set out in the attached Annex 1. Any Notice of Appeal should be served on the Tribunal within 28 days of the date on which this Notice is served. If the Notice of Appeal is served late the Tribunal will not accept it unless it is of the opinion that it is just and right to do so by reason of special circumstances. Dated the 11th day of June 2013
  • 4. 4 Signed: …………………………………..... David Smith Deputy Information Commissioner Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF
  • 5. 5 ANNEX 1 THE DATA PROTECTION ACT 1998 (PART V, SECTION 40) RIGHTS OF APPEAL AGAINST DECISIONS OF THE COMMISSIONER 1. Section 48 of the Data Protection Act 1998 gives any person upon whom an enforcement notice or an information notice has been served a right of appeal to the First-tier Tribunal (General Regulatory Chamber) (the “Tribunal”) against the notice. 2. If you decide to appeal and if the Tribunal considers: a) that the notice against which the appeal is brought is not in accordance with the law; or b) to the extent that the notice involved an exercise of discretion by the Commissioner, that he ought to have exercised his discretion differently, the Tribunal will allow the appeal or substitute such other decision as could have been made by the Commissioner. In any other case the Tribunal will dismiss the appeal. 3. You may bring an appeal by serving a notice of appeal on the Tribunal at the following address: GRC & GRP Tribunals PO Box 9300 Arnhem House 31 Waterloo Way Leicester LE1 8DJ a) The notice of appeal should be served on the Tribunal within 28 days of the date on which notice of the Commissioner's decision was served on or given to you. b) If your notice of appeal is late the Tribunal will not accept it unless it is of the opinion that it is just and right to do so by reason of special circumstances. c) If you send your notice of appeal by post to the Tribunal, either in a registered letter or by the recorded delivery service, it will be treated as having been served on the
  • 6. 6 Tribunal on the date on which it is received for dispatch by the Post Office. 4. The notice of appeal should state: a) your name and address; b) the decision which you are disputing and the date on which the notice relating to such decision was served on or given to you; c) the grounds of your appeal; d) whether you consider that you are likely to wish a hearing to be held by the Tribunal or not; e) if you have exceeded the 28 day time limit mentioned above the special circumstances which you consider justify the acceptance of your notice of appeal by the Tribunal; and f) an address for service of notices and other documents on you. In addition, a notice of appeal may include a request for an early hearing of the appeal and the reasons for that request. 5. By virtue of section 40(7), an enforcement notice may not require any of the provisions of the notice to be complied with before the end of the period in which an appeal can be brought and, if such an appeal is brought, the notice need not be complied with pending the determination or withdrawal of the appeal. However, section 40(7) does not apply where the notice contains a statement that the Commissioner considers that the notice should be complied with as a matter of urgency. Section 48(3) provides that where an enforcement notice contains a statement that the notice should be complied with as a matter of urgency then, whether or not you intend to appeal against the notice, you may appeal against – (a) the Commissioner’s decision to include the statement in the notice, or (b) the effect of the inclusion of the statement as respects any part of the notice. 6. Before deciding whether or not to appeal you may wish to consult your solicitor or another adviser. At the hearing of an appeal a party may conduct his case himself or may be represented by any person whom he may appoint for that purpose.
  • 7. 7 7. The statutory provisions concerning appeals to the First-tier Tribunal (General Regulatory Chamber) are contained in sections 48 and 49 of, and Schedule 6 to, the Data Protection Act 1998, and the Tribunal Procedure (First-tier Tribunal) (General Regulatory Chamber) Rules 2009 Statutory Instrument 2009 No. 1976 (L.20).