Life With GDPR: Cookie Compliance
Universal Consent: Building Beyond Cookie Consent
Data Dividend: What is Personal Data Worth?
Privacy Litigation Trends: Meta Pixels, Cookie Opt-Out, and Sale of Data
Data Revolution: How U.S. Privacy Laws Change the Way Data Should be Managed by Retail and Tech Industries
Fashion Counsel: Privacy in the Retail Fashion Industry
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
The California Privacy Protection Agency (CPPA) is now in its second year with full enforcement powers and has begun to exercise its authority under the California Consumer Privacy Act (CCPA) in significant ways in 2025. With...more
In an era of escalating data breaches, organizations must be vigilant in protecting consumer information. A comprehensive federal data privacy law would streamline compliance efforts, but Congress has yet to pass one, leaving...more
The UK Information Commissioner’s Office has launched two consultations as part of the transition to the Data User and Access Act framework. These consultations will be of particular interest to organisations operating...more
Tired of ad blockers, cookie deprecation, and opt-outs undermining your marketing efforts? You may be investigating server-side tracking as a way to grow your access to data. Server-side tracking can be a great approach for...more
With so much data flying around, it’s more essential than ever that personal information remain private. To help make sure of this, there are a growing number of regulations aimed at personal data protection—like the GDPR and...more
You never think about breathing air. Most of the time, you’re not consciously moving your legs as you walk. You don’t have to remind yourself to blink every few seconds. For modern businesses, that’s what processing personal...more
On July 16 2025, the ICO published its annual report and financial statements for the period from April 1 2024 to March 31 2025 (the Report)....more
11 Have you ever clicked "I agree" without really knowing what you are agreeing to? You are not alone, and businesses often rely on that. Consent is now the cornerstone of data privacy, including India's Digital...more
- What is new: The ICO is proposing to relax its enforcement of cookie consent requirements, meaning user consent would not be required for lower-risk advertising cookies. - Why it matters: The proposals aim to address...more
On May 1, 2025, the California Privacy Protection Agency (CPPA) issued a Final Order in one of its first public enforcement actions under the California Consumer Privacy Act (CCPA), imposing a fine of nearly $350,000 on the...more
As we pass the mid-point of 2025, it’s a good time to review the important developments we have seen in the first 6 months of this year, particularly reforms to the UK’s data protection laws, the EU’s pathway to...more
The DUAA introduces several reforms to UK data protection law, but their implications are relatively limited in practice. The Data (Use and Access) Act 2025 (the DUAA) was enacted on 19 June 2025 and amends rather than...more
The Data (Use and Access) Bill passed both Houses of UK Parliament and received Royal Assent on 19 June 2025, now becoming the Data (Use and Access) Act 2025 (“DUA Act”). This is the final iteration of the Data Protection and...more
An increasingly aggressive plaintiffs’ bar has brought purported class action suits based on the nearly ubiquitous use of tracking technologies used for website analytics. Although any actual harm to the plaintiffs is...more
In recent weeks, the EU and UK have both introduced changes to their respective versions of Europe’s landmark privacy legislation, the General Data Protection Regulation (GDPR). These reforms mark the first substantial...more
On June 19, 2025, the UK Data (Use and Access) Act 2025 was enacted, marking the culmination of a lengthy legislative process aimed at reshaping aspects of the country’s data protection regime. First proposed in 2021 as part...more
On June 19, 2025, the UK Data Use and Access Bill (DUA Bill) finally received Royal Assent and passed into law as the Data Use and Access Act 2025 (DUA Act). The DUA Act amends the UK General Data Protection Regulation (UK...more
After a legislative reform that has seen four different Prime Ministers, three different Bills and many deliberations across both Houses of Parliament, the UK is now on course to introduce some changes to the data protection...more
On 14 May 2025, the Brussels Court of Appeal (Market Court) delivered the long-awaited judgement in the case concerning the Transparency & Consent Framework (“TCF”) (case no. 2022/AR/292). The Court largely upheld the...more
Trends and areas of focus under U.S. state data protection laws emerge as U.S. states with data protection laws in place increase enforcement actions and coordination....more
California Senate Bill 690 (SB 690), introduced by Senator Anna Caballero, is continuing to proceed through the California state legislative process. The proposed bill would amend the California Invasion of Privacy Act (CIPA)...more
On April 24 2025, the French supervisory authority (CNIL) issued a draft recommendation to address challenges in collecting user consent for cookies and trackers across multiple devices (the Draft Recommendation). The new...more
On 15 April 2025, the Dutch Data Protection Authority (DPA) issued warnings to 50 organisations, including online retailers, media companies, and insurers, for deploying misleading cookie banners or unlawfully placing...more
On 12 March 2025, the California Privacy Protection Agency (CPPA) settled with an automaker that allegedly violated various aspects of the California Consumer Privacy Act (CCPA). This first-of-its-kind settlement for the...more
Last week, the California Privacy Protection Agency (CPPA) settled its first non-data broker enforcement action against American Honda Motor Co. for a $632,500 fine and the implementation of certain remedial actions....more