At some time or another, most of us will have received one of those annoying marketing calls, texts or emails asking if we’ve been involved in a road traffic accident or been mis-sold PPI, and have no doubt responded with “how did you get this number?” or simply blocked the caller. However, what many of us don’t realise is that at some point we will have either expressly or (more likely) inadvertently given our consent to being contacted by these parties for marketing purposes. This can be, for example, when we make an online purchase or enter a competition and omit to tick that tiny box to confirm that we don’t actually want to receive such marketing communications!
Greater Manchester Police (GMP) has been fined £150,000 by the Information Commissioner’s Office (ICO) for breach of the Data Protection Act 1998 (DPA), showing that no organisation is above the law when it comes to the ICO’s tough stance on data security.
In 2015, GMP sent DVDs containing footage of interviews with named victims of violent or sexual crimes to the National Crime Agency. The DVDs were unencrypted. They were sent by recorded delivery, but were never received and have not been recovered to date.
When entering into a business relationship, it is best practice to ensure that the parties’ obligations and arrangements are clearly defined and set out in writing. Not only does this give clarity to the terms of the agreement but also provides certainty for the parties. That being said, businesses can still form contracts by verbal agreement of the parties, where what the parties have agreed has not been set out in writing, but the following 4 elements have been satisfied:
- An Offer;
- Acceptance of the offer;
- Consideration (usually payment of a price); and
- An Intention to create legal relations – a legally binding contract will come into existence.
Charities heavily fined for misusing donor’s personal data
Last week the Information Commissioner’s Office (ICO) announced that it had fined eleven more charities for breaching the Data Protection Act 1998 and the Privacy and Electronic Communications Regulations. This is further to the penalties issued to the RSPCA and the British Heart Foundation in December 2016. It acts as a stark reminder to all businesses that they must understand and comply with data protection legislation otherwise face large fines and serious reputational damage.
When there is a dominant personality on the board of a company it is easy for the other directors to become sidelined, whether through choice or because matters are simply taken out of their hands. This is particularly the case where the dominant director is also the majority shareholder and runs the business as if it were his or her own personal property. The recent case of Dickinson v NAL Realisations (Staffordshire) Ltd underlined that directors cannot simply sit back and allow one dominant director to run the company, but must take an active role in the management of the company. The case also serves as a reminder of the importance of directors ensuring that they have proper authority to enter into transactions, and that they take into account the interests of all shareholders in carrying out directorial duties.
It is not long ago that the idea of driverless cars was confined to visions of the future portrayed in film and TV. However, driverless technology is fast becoming a reality, with companies like Google and Tesla taking the lead and many vehicles now commonly utilising features which make decisions for the driver such as cruise control, ABS and self-parking.
The technology offers many benefits to people who are leading ever increasingly busy lifestyles. Commuters may be able to check their e-mails, read a book or engage in a telephone call during their journey. However, despite the fact that the technology promises to improve road safety by reducing the risks associated with human error (which are responsible for more than 90% of current road fatalities), it remains to be seen how quickly people will adapt and place trust in the technology.
The top 10 family board games of 2016 included titles such as Sherlock Cluedo, Obama Llama, Penguins Pool Party, Blockbusters and Bananagrams. Hundreds of new board games are developed each year, and in a highly competitive market, only a few make it to the top of the Christmas best sellers list.
Fierce competition has prompted many board game developers to seek professional advice on how they can protect their ideas and designs, in the hope that what they have developed is the next big game! However, protecting such interests is not a simple process and in most cases the costs and time frames involved are disproportionate to the benefits that such protection brings. We discuss below a number of ways in which developers may seek to protect their board game.
CCTV cameras are now commonplace around the UK; many businesses, public places and private homes have them installed to improve safety and security. But did you know that, as a business owner, you are required by law to register your CCTV camera with the Information Commissioner’s Office (ICO)?
Section 17 of the Data Protection Act 1998 (DPA) prohibits the processing of personal data, including footage from CCTV cameras, without having a registered entry on the ICO data protection register.
Almost everyone has insurance that they expect (or hope!) to be able to rely on when things go wrong. However, we’ve all heard stories about cases where insurers have not paid out, like the claim for losses suffered following a burglary that is rejected because the homeowner left a window open…despite the fact that the burglars broke in through the back door.
When entering into supply contracts, suppliers will be keen to ensure that they have insurance in place that will offset the risk (or part of the risk) of any potential liability they may have if they find themselves in breach of contract. Similarly, customers will often be keen to know that the supplier will have the means to settle any such claims and may insist on the supplier agreeing to put a certain amount of cover in place with a reputable insurer.
It is important in corporate and commercial transactions to ensure that contracts are drafted in a clear, concise and accurate manner and that the parties consider their wider business interests when negotiating terms. For example, boilerplate clauses (being the more standard clauses generally found in most contracts) can often be overlooked, and occasionally clauses may be drafted in an ambiguous or even contradictory way. Ultimately, parties may need to turn to the Courts to ascertain what the contract actually says. Litigation is often a costly and lengthy process, which could potentially have been avoided with more careful contract drafting.
Later today (14 February 2017) the Queen will open the National Cyber Security Centre (NCSC) in London. The NCSC will form part of the GCHQ intelligence and security agency and will be the authority on the UK’s cyber security environment.
The NCSC forms part of the Government’s five-year National Cyber Security Strategy, published on 1 November 2016. As part of this strategy, the Government announced that it would be investing £1.9 billion in cyber security over the next five years, demonstrating how seriously the Government views cyber security issues.
As consumers, we’ve all done it…signed up to a contract for a new service, perhaps to take advantage of an introductory special offer with the intention of cancelling it before the price changes or the term renews, only to forget to cancel…so, where do parties to these types of contracts stand in relation to auto-renewals?
Under the Act, consumers entering into a new contract have a 14 day “cooling off” period during which time they may terminate the contract without penalty. But does the consumer have the same right in relation to a contract which is automatically renewed after an initial fixed period?
Whether you’re a supplier or a customer, when entering into a new contract there are certain concerns that are likely to be key. Apart from making sure that you get paid (if you’re the supplier) or that your payment obligations are clearly set out (if you’re the customer), potential exposure to liability under the contract is often high on the agenda.
Parties to contracts will often seek to exclude and limit their liability under a contract. All businesses want to ensure that they are not exposing themselves to excessive risk, yet this is an area that can be difficult to understand because the wording of limitation of liability clauses can seem overly legalistic at times.
The Competition and Markets Authority (CMA) has exercised its powers to disqualify a director for breach of competition law for the first time. Directors are reminded that they can face personal consequences for competition law breaches, in addition to company fines. The business community should be warned that the CMA will be “absolutely prepared” to use the power to disqualify a director again.
The Information Commissioner’s Office (ICO) recently issued a record fine of £400,000 to TalkTalk Telecom Group PLC (TalkTalk) for its failure to prevent a cyber-attack resulting in a significant data breach resulting in the loss of personal data of almost 157,000 customers, sending a strong message to businesses of the importance of data security.
This is one of several heavy fines recently imposed by the ICO for data security issues. More recently, Royal and Sun Alliance has also received a fine of £150,000 following the theft of a hard drive containing the personal data of thousands of customers by an unknown employee or contractor who had access to RSA’s supposedly secure server room.
As the British are dusting off their snowsuits in preparation for the cold front set to hit the UK tomorrow, data protection authorities on both sides of the pond are grabbing their brollies to provide shelter for the transatlantic exchange of personal data.
Privacy Shield for personal data in commercial transactions
In October 2015 the European Court of Justice (ECJ) ruled that the “Safe Harbour” framework could not be relied upon to protect EU citizens’ personal data being transferred outside of the European Economic Area. In response, the “Privacy Shield” framework was introduced by the US government and European Commission to govern transatlantic exchanges of personal data for commercial purpose.
It can be very tempting to start providing a service or supplying goods to a client who is desperate for them, particularly when you have monthly targets to hit! But potential uncertainty around what terms will apply to such a relationship creates risk for both parties.
It is common for parties to enter into commercial transactions or arrangements without having drawn up a formal written contract. Even where contracts are drawn up, suppliers sometimes start delivering projects before contracts have been finalised or signed. It is usually at the point of a misunderstanding or disagreement between the parties that the question arises as to what terms, if any, apply to the relevant transaction or arrangements.
The International Organisation for Standardisation (the ISO) has produced a global standard on Anti-Bribery Management Systems (ISO 37001) (the Standard) to assist organisations in maintaining effective anti-bribery programmes.
The introduction of the Bribery Act 2010 (the Act) represented the biggest change in this area of law in over 100 years. Many organisations feared that the overhaul would significantly change the way they did business due to the restrictive nature of the regime; it appeared that even relatively innocuous business-focused social engagements, such as client lunches, could potentially be caught by the Act. The practical reality is that, on the whole, this does not appear to have been the case. The Act does provide that failure by an organisation to prevent bribery is an offence, but the organisation will have a defence if it can show that it had in place adequate procedures designed to prevent bribery.
A recent High Court case, Idemitsu Kosan Co Ltd v Sumitomo Co Corp, serves as a useful reminder of the importance, and value, of getting specialist advice when drafting and negotiating share and asset sale agreements.
Facebook has agreed to pause its data sharing activities with its subsidiary company WhatsApp. The move is in response to the UK Information Commissioner’s Office’s (ICO) investigation following concerns raised by data protection authorities across Europe.
On 3 November 2016, the Office of Tax Simplification (OTS) published a final report on its proposals for introducing a Sole Enterprise with Protected Assets (SEPA) model for sole traders. The model aims to provide sole traders with a level of limited liability, whilst retaining the more simple form of tax and regulatory regimes they currently enjoy.
Did you know that terms in your contract could be unenforceable if they are unfair? The Competition and Markets Authority (CMA) has conducted research which has revealed that some businesses believe that a signed contract is final, not realising that they cannot enforce a term against a consumer that is unfair. 54% of those surveyed did not fully understand the rules on unfair terms, which directly impacts how they treat their customers.
Many websites re-direct visitors to other sites that may be interesting or relevant to that particular user. But do website owners need to carry out any checks in terms of the ownership of content on third party sites before doing this?
Setting up a business is exciting but it is important to review all eventualities and the inevitable, death!
On death, a shareholder’s shares are dealt with as part of their estate. If there is a Will, it will be dealt with in accordance with those terms. If there is no Will, the shares are dealt with in accordance with the intestacy rules. For shares in a qualifying business, the shares may attract Business Property Relief (BPR) for inheritance tax purposes and this can be as much as 100% of the value.
When buying online goes wrong: European Commission encourages clarity around where to turn by requiring traders to publish links to online dispute resolution platform
Buying and selling online is becoming increasingly common, but can be risky for both traders and consumers. At some time or another, many of us have experienced disappointment following an online purchase or faced a complaint from a customer that we may feel is unjustified.
Many businesses develop without registering their business name as a trade mark. For most businesses, their name is a key asset which is essential to the development and preservation of their brand and goodwill. It would be an unwelcome surprise to receive a “cease and desist” letter demanding that the business must stop using its name, on the grounds that it infringes a trade mark that has been recently registered by another person.
The Competition & Markets Authority (the CMA) has produced guidance on ‘unfair’ contract terms for businesses that deal with consumers. The guidance is available here in a short form summary, together with a more detailed guidance note.
Earlier this year, the Information Commissioner’s Office (ICO) launched a self-assessment toolkit to help small and medium sized enterprises (SMEs) evaluate and improve their compliance with the Data Protection Act 1998 (DPA).
Myerson Solicitors advises on the management buyout of the business of Assured Vehicle Rental, a provider of specialist rental vehicles.
Altrincham commercial law firm Myerson Solicitors LLP has advised on the management buyout of the entire issued share capital of Assured Vehicle Rental Limited.
A recent EU General Court decision has given brand owners useful guidance on what a Court may consider when deciding whether or not a mark is distinctive in character.
Sock manufacturer, Renfro, registered the brand name of a line of socks it manufactured, “HOT SOX”, as a European Union Trade Mark No. 0962191 on 20 April 2009.
The High Court has dismissed a claim against a City law firm for professional negligence. Antonio Caliendo, the former chair of Queens Park Rangers (QPR) football club, claimed that he had an ‘implied retainer’ with the law firm and that they did not advise him correctly on the sale of his shares in QPR. The Court found that no such implied retainer was evident, and that the law firm only owed a limited duty of care to Caliendo.
Good news for anyone that hates receiving those pre-recorded calls that advise you of your right to compensation for a road traffic accident that you didn’t know you’d had…
Earlier this year, the independent body set up to uphold information rights, the Information Commissioner’s Office (ICO), issued its largest ever fine of £350,000 on a lead generation firm responsible for making or instigating over 46 million automated calls without individuals’ prior consent and in contravention of Privacy laws.
No safe harbour for the EU and US: data protection watchdog strikes a blow to credibility of proposed Privacy Shield
Following the ECJ’s decision in October 2015 that the Safe Harbour framework could not be relied upon to adequately protect EU citizens’ personal data being transferred outside of the European Economic Area (EEA) (see here), the US government and the European Commission have continued discussions on a proposed ‘Privacy Shield’ framework to govern transatlantic exchanges of personal data for commercial purposes.
It’s hard to believe it’s almost 50 years since Dick Van Dyke played the role of eccentric inventor, Caractacus Potts, in Chitty Chitty Bang Bang. In the film, the inventor finds his fortune after developing a musical treat known as “Toot Sweets” and earns the money to buy an old race car that he tinkers with until it is able to fly. It’s unlikely that Caractacus Potts worried too much about filing an application for a patent to protect his invention, but in real life, applying for a patent is an important protection for all would-be inventors.
New regulations have come into force this month that make it obligatory for companies and LLPs to keep a register of ‘Persons of Significant Control’. The idea behind this is to make companies more transparent by ensuring details of people who have control of the company are available to the public.
Myerson Solicitors advises Europe’s premier live escape experience, The Escape Room, on its UK expansion and worldwide licencing
Altrincham commercial law firm Myerson Solicitors LLP continues to advise The Escape Room on its UK expansion and worldwide licencing.
The first Escape Room opened in Manchester in January 2015 and continues to be a huge success. It was also the first Escape Room in Europe to have an exclusive bar. Since the launch of the pilot in Manchester, Myerson Solicitors has continued to advise The Escape Room on various franchises across the UK, Europe and the Middle East. The latest franchises are expected to be as popular, if not more so, than the pilot.
Every provider of professional services owes its client a duty of care and if a professional breaches its duty, the client may pursue a claim for professional negligence. However, what happens when the professional is a friend and the advice was offered on an informal, gratuitous basis?
Admin assistant fined for data theft: Information Commissioner calls for custodial sentences for data thieves
Last month, Isleworth Crown Court fined an Enterprise Rent-A-Car admin assistant £1,000 after she pleaded guilty to selling the personal data of approximately 28,000 customers, for £5,000. Such theft is a criminal offence under section 55 of the Data Protection Act 1998 (DPA). However, the maximum penalty that an offender currently faces is a fine of up to £5,000 at the Magistrates court or an unlimited fine at the Crown Court. This had led the Information Commissioner, Christopher Graham, to once again call for tougher punishments for those convicted of stealing personal data.
A long time ago in a galaxy far away, before the Internet was invented, it would have been hard to even perceive that such a threat could exist; but, now, threats to cyber security poses one of the biggest risks faced by businesses in the 21st century. The consequences of cyber security breaches can be significant, not only in terms of financial loss, but also reputational damage. Recent developments in data protection regulation suggest that the Information Commissioner’s Office (ICO) may soon have the power to fine an organisation up to 4% of its global annual turnover. Businesses must, therefore, give careful consideration to their cyber security arrangements.
With the rise of smartphones and other technologies, many of us are turning to cloud storage to store the hundreds of photos, music, films and documents that we tend to accumulate. These items are important to us: precious memories, valuable music and film collections and confidential work documents.