We are now on the first stop – illegal harms – of Ofcom’s (the UK’s online safety regulator) roadmap for what online providers must do to comply with the OSA.
- By March 16, 2025, in-scope services must assess the risk of...more
On February 20 2025, the Information Commissioner’s Officer (the ICO) published the third edition of the Tech Horizons Report (the Report). The Report identifies four new technologies expected to emerge over the next 2 to 7...more
3/10/2025
/ Artificial Intelligence ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Healthcare ,
Information Commissioner's Office (ICO) ,
Machine Learning ,
Personal Data ,
Privacy Laws ,
Technology ,
UK
The UK Information Commissioner’s Office (ICO) issued guidance on content moderation technologies and processes for the first time (the Guidance). In its press release on 16 February 2024, the ICO flagged the need for content...more
On 3 October 2023, the European Commission announced a public consultation regarding the draft implementing regulation (Draft Regulation) establishing the European Common Criteria-based cybersecurity certification scheme...more
The UK-US data bridge is the UK Government’s preferred terminology to describe its decision to permit the flow of personal data from the UK to the US, achieved through the UK Extension to the EU-US Data Privacy Framework. The...more
The UK National Cyber Security Centre (NCSC) published its guidance on shadow IT on 27 July 2023.
‘Shadow IT’ are unknown assets that are used within an organisation for business purposes (including in certain cloud...more
The White House announced on 21 July 2023 that seven companies involved in development of artificial intelligence (AI) technology had voluntarily committed to manage the risks posed by AI. These companies are: Amazon,...more
The UK National Cyber Security Centre (NCSC) revised its guidance on risk management on 26 June 2023, which was last updated in 2018....more
The UK Information Commissioner's Office (ICO) published a report on neurotechnology and released an accompanying statement on 8 June 2023....more
The Pakistan Ministry of Information Technology and Telecommunication (MITT) released a new draft of the Personal Data Protection Bill, 2023 (the PDPB) on 19 May 2023. The PDPB aims to regulate the collection, processing,...more
6/5/2023
/ Cybersecurity ,
Data Controller ,
Data Privacy ,
Data Processors ,
Data Protection ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Pakistan ,
Personal Data
In the five years since the European Union’s General Data Protection Regulation came into force, what have been the main learnings for business, and what will the future hold?...more
The European Parliament’s committees for Civil Liberties, Justice and Home Affairs (LIBE) and for Internal Market and Consumer Protection (IMCO) adopted a report setting out the Parliament’s vision for the proposed EU...more
The EDPB published its 2022 activity report “Streamlining Enforcement Through Cooperation” (the Activity Report) on 17 April 2023, which provides an overview of the work it carried out in 2022. The report reflects on, amongst...more
Within the past year, a number of countries around the world, including the United States, United Kingdom, France, and The Netherlands have initiated regulatory inquiries and developed new strategies for the purpose of more...more
4/25/2023
/ Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
EU ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
NIST ,
Popular ,
UK
The Court of Justice of the European Union (CJEU) considered appropriate conditions that apply in respect of specific national legislation which EU member states may adopt under Article 88 GDPR to regulate the processing of...more
The European Data Protection Board (EDPB) held its 77th plenary meeting on 28 March 2023. The EDPB considered the following key topics...more
The European Data Protection Board (EDPB) issued its opinion on the draft adequacy decision of the European Commission (Draft Decision) regarding the EU-US Data Privacy Framework (DPF) on 28 February 2023. The DPF is a...more
The World Economic Forum (WEF), an influential international non-governmental organisation for public-private cooperation, published its white paper on overcoming the barriers to international data flows on 16 January 2023....more
The OECD countries adopted the first intergovernmental declaration setting out common approaches to providing privacy and data protection safeguards for governmental access to personal data held by private sector (on 14...more
The plenary session of the European Parliament adopted the final versions of the Directive on measures for a high common level of cybersecurity across the Union (NIS2 Directive) and of the Digital Operational Resilience Act...more
On 7 October 2022, the President of the United States signed an Executive Order on Enhancing Safeguards for US Intelligence Activities. The Executive Order aims to implement the United States' commitments to protect EU-US...more
On 13 July 2022, the Public Procurement Chamber of the German state of Baden-Württemberg (the Public Procurement Chamber) issued a decision confirming that personal data processed by an EU subsidiary of a parent entity...more
The European Data Protection Board (EDPB) has adopted, on 16 June 2022, the draft guidelines on certification as a tool for transfers of data to third countries without adequacy status (the Guidelines). The text of the...more
On 5 May 2022, the European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) issued a joint opinion (Opinion) addressing the legislative proposal of the European Commission for the EU Data Act,...more
On 21 April 2022, seven economies participating in the Asia-Pacific Economic Cooperation (APEC) Cross-Border Privacy Rules (CBPR) System announced the launch of the Global CBPR Forum to facilitate multinational cooperation in...more