The Privacy Professional

By Privacy Counsel What is PECR?  In February of this year, the Information Commissioner’s Office (ICO), or UK’s Data Protection Regulator, published additional guidance on the Privacy and Electronic Communications Regulations (PECR) , initially passed in 2003, on applying PECR to the DPA. How does PECR apply? There is frequently a lot of discussion around the e-Privacy Directive ( Directive 2009/136/EC ) and very little surrounding the UK. Although the UK is no longer part of the EU, it has adopted a GDPR national privacy law, The Data Protection Act (DPA). PECR applies in the context of UK residents specifically. The e-Privacy Directive applies to GDPR and EU residents. The chart below provides the similarities and distinctions between the two.    Differences from the E-Privacy Regulation PECR E-Privacy Directive Scope PECR applies to the transmission of unsolicited electronic messages to individuals in the UK. ePD applies to the processing of personal data and security of the trans

Data breaches are happening more frequently than most companies are willing to admit. Labcorp, one the nation’s largest medical diagnostic companies, released a statement yesterday stating that it is investigating a possible Data breach that may have occurred over the weekend. I applaud Labcorp for coming forth so early in the breach response process. What sets a company apart from pack is not only their efforts to prevent and breaches,  but how the structure their breach response polices. More than ever it is essential that effected parties are notified as soon as possible,  to prevent further harm to the party and further reputational harm to the company. You can read more about the Labcorp data breach clicking the hyperlinked text.