CPD Hours Level
Conference expert panelInformation 6 UpdateInformation
SRA Competency B


18 months to the day since the GDPR came into effect this conference, chaired by Robert Bond, examines the implications of this milestone in data protection law in relation to subject rights, demonstrating compliance, enforcement and compensation for breach, together with other critically related topics including e-privacy and managing cyber risks.

Conference Agenda

This conference will cover the following:

9.30am - 10.15am: Opening Address: The Data Protection Act 2018 and GDPR: How Do They Differ?

Dr Laura Scaife, Solicitor

The GDPR was directly enforceable in the United Kingdom and other EU Member States from 25 May 2018. The UK’s Data Protection Act 2018 transposes the GDPR into UK law.

It seeks to implement the GDPR (and there is additional secondary legislation that gives effect to it post-Brexit). It also legislates on matters such as employment law, security and exemptions.

This session will cover:

  • How the UK DP Act diverges from the GDPR
  • How the breach reporting and fine regimes will work under the national legislation
  • Exemptions
  • Grounds for processing special category data
  • Whether the UK will be deemed adequate for overseas data transfers
  • Latest news on Brexit and privacy in the context of trade negotiations

10.15am - 11.00am: Managing the Risks of BYOD and Social Media in the Workplace

Robert Bond, Bristows LLP

Whilst organisations have been focusing on protecting personal data and managing cyber risks, not enough attention has been given to the risks posed by personal devices and also the use of social media in the workplace.

This session provides a practical guide to securing confidentiality, trade secrets, reputation and also personal data from misuse or error by staff.

This session will cover:

  • The risks of BYOD to IP and Data
  • The challenges of social media to trade secrets, personal data and IP
  • How to manage the risks and challenges

11.15am - 12.00pm: Enforcement and Compensation Update

Keith Markham, Solicitor

Since 25 May 2018, the ICO can fine organisations up to €20 million or 4% of global turnover whichever is the higher.

This session will review examples of enforcement action that have taken place since the GDPR came into force. Recent cases concerning compensation will also be discussed.

This session will cover:

  • Summary of enforcement powers
  • Details of recent enforcement examples
  • ICO guidance on reporting and dealing with security breaches
  • Latest position on awards of compensation
  • Practical steps to limit risk

12.00pm - 12.45pm: GDPR - Demonstrating Compliance in Practice

Peter Wright, DigitalLawUk

This session covers examples of best practice as well as recurring problems for business when it comes to GDPR compliance by organisations and includes:

  • Email & communication measures
  • Solutions to assist remote working
  • Common faults when third party contracts are reviewed
  • Website compliance
  • Platforms that need to be discouraged/avoided
  • Around the office - making the workplace more secure
  • Governance & training

12.45pm - 1.00pm: Questions on Morning Session

2.00pm - 2.50pm: ePrivacy Update

Dr Laura Scaife, Solicitor

In January 2017, the European Commission published its draft regulation on privacy and electronic communications which intends to repeal Directive 2002/58/EC (‘the ePrivacy Directive’).

Aimed at updating the current rules on electronic communications and making them consistent with the GDPR, it includes changes in relation to the scope of application of the ePrivacy Directive, cookies provisions and eye-watering penalties.

This session will explore the key issues of the most recent draft of the ePrivacy Regulation and consider its interrelationship with the GDPR.

This session will cover:

  • The current ePrivacy Directive
  • The draft regulations relationship with the GDPR
  • Effects of changes to the law post 2018 to:
    • Use of cookies
    • The potential increasing reliance on consent
    • Effects on online advertising
    • Effects on profiling and analytics activities

2.50pm - 3.40pm: Data Subjects’ Rights Update

Keith Markham, Solicitor

The rights of data subjects were extended and improved by the GDPR and this session will review the most recent developments including relevant enforcement action and ICO guidance.

This session will cover:

  • Right to information - what information needs to be provided to data subjects and how do controllers comply where personal data was received from someone else?
  • Right of access - changes to fees and time periods but otherwise business as usual?
  • Right to erasure - in what circumstances can this be exercised and how should controllers respond?
  • Right to object - more than just direct marketing?
  • Profiling - what can and can’t been done?

3.55pm - 4.45pm: Review of Data Protection Laws Outside the EU

Robert Bond, Bristows

The last 18 months have seen a focus on the GDPR and its impact nationally and internationally. However, there are other similar laws being introduced in many parts of the world that have an international impact. This session will examine global data protection laws and their similarities to the GDPR.

This session will cover:

  • OECD guidelines
  • Convention 108
  • South Africa, Russia, Japan, Brazil

4.45pm - Close: Questions & Answers

Book now

Added to basket

Conference | 25.11.2019

London | 9:30am - 5:15pm

GDPR 18 Months On - 2019 Conference

Continue Shopping
9:30am - 5:15pm
Prices (ex VAT)
Plan Information
Ticket Information
Group bookings
Discounts are available for multiple conference places. Please telephone 0161 793 0984 or information@mblseminars.com for details.
Can’t Make the Date?

Please let us know if you wish to be notified when new dates are added for this programme

Related Events