See Credit Details Below
The European Union’s GDPR privacy law came into force in May, bringing with it the highly-publicized maximum penalty of 4% of worldwide turnover. But what, really, are the likely damages, penalties and collective claim procedures for employment-context data law violations in UK and Europe? Now we have some answers. In October, the UK Court of Appeal issued the Wm. Morrison Supermarkets decision, expanding employer “vicarious liability” exposure for UK data violations and introducing the specter of a sort of employee class action (“group litigation order”) for employee data law claims.
This fast-paced, interview-format session led by Littler Mendelson P.C.’s Donald C. Dowling, Jr. and featuring Darren Isaacs and Daniel Pollard, Littler London workplace data privacy experts offers strategies for proactive U.S.-headquartered multinational employers seeking to contain damages exposure to employee data-law claims in UK and the EU under GDPR. The session answers tough questions:
- How do UK and EU courts assess damages for data law violations? Is GDPR’s “4% of worldwide revenue” a likely measure in the employment context?
- The Wm. Morrison Supermarkets decision is groundbreaking as to employer vicarious liability for a data violation. But what is the practical effect? What can employers can do now, to contain exposure?
- How does the class-action-like UK “group litigation order” order work? Is it analogous to a U.S. opt-out class certification? Might a UK court certify a “group” (class) of employees from beyond the UK?
- UK is a common-law country about to leave the EU. How do the vicarious liability and class-claim features in the Wm. Morrison Supermarkets decision play out more widely, across the rest of Europe?
- What are best practices strategies for U.S. headquartered multinational employers working to contain damages exposure to GDPR claims and avoid “group” (class) actions?