We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
It is rare for employers to receive genuinely positive news in the data protection sphere, but the Data (Use and Access) Act 2025 (DUAA) is a notable exception. The DUAA aims to ease compliance burdens, introduce greater...more
On February 5 2025, the UK Information Commissioner's Office (ICO) released new guidance designed to help employers understand and comply with their obligations under the UK GDPR and the Data Protection Act 2018 in relation...more
In the fast-paced, ever-changing world of data, privacy, cyber, and AI, staying ahead of the curve is crucial. Following Data Protection Day 2025 last month, we've identified ten key themes that might significantly impact...more
In the fast-paced, ever-changing world of data, privacy, cyber, and AI, staying ahead of the curve is crucial. To mark Data Protection Day 2025, we've identified ten key themes that might significantly impact our clients in...more
The Information Commissioner’s Office (ICO) has recently published guidance for employers on monitoring workers lawfully, transparently and fairly. The guidance aims to protect workers’ data protection rights and help...more
The latest UK Financial Conduct Authority (FCA) and Prudential Regulation Authority (PRA) proposals for improving diversity and inclusion in financial services include requiring firms to report on six new inclusion metrics....more
Developing and maintaining an inclusive environment is crucial for realising the benefits of having a diverse organisation. With this in mind, the UK Financial Conduct Authority (FCA) and UK Prudential Regulation Authority...more
The UK Financial Conduct Authority (FCA) and Prudential Regulation Authority (PRA) are consulting on proposals to introduce a new financial services regulatory framework on diversity and inclusion (D&I) in the financial...more
Welcome to your weekly update from the Allen & Overy Pensions team, covering all the latest legal and regulatory developments in the world of workplace pensions. This week we cover the following topics: TPR speech on DC...more
The UK financial regulators’ proposals for creating a new regulatory framework for diversity and inclusion (D&I) in financial services are wide-ranging and detailed but have at their heart a few consistent themes. ...more
Following on the heels of the launch of the EU-U.S. Data Privacy Framework (DPF) this summer, the U.S. Department of Commerce has extended the DPF to cover transfers of personal data from the United Kingdom (UK) (and...more
Welcome to your weekly update from the Allen & Overy Pensions team, covering all the latest legal and regulatory developments in the world of workplace pensions. This week we cover the following topics: HMRC Pensions Tax...more
For US companies contemplating an expansion into the UK, there are a number of employment-related factors to consider, as the requirements for employers and rights of employees differ significantly across the pond. Below,...more
This issue of the UK Employment Flash looks at the latest employment law developments and insights about employment law in the U.K., including an exploration of the potential relationship between artificial intelligence and...more
In a new series of monthly updates, members of our London Employment team bring you the latest decisions and developments in UK employment law. In this month's update, we outline the new guidance issued by Acas regarding...more
Employers often want to have a data retention policy that works for all of their international operations. We look at the challenges with this approach and how to make it work in practice....more
In response to the government’s relaxation on COVID-19 restrictions, the UK’s data protection regulator, the Information Commissioner’s Office (the ICO), has published guidance for employers on their data protection...more
The UK Supreme Court has confirmed that employers are not liable for the actions of their rogue employees. It overturned the Court of Appeal (CoA) decision in Morrisons that employers can be vicariously liable for an...more
UK Supreme Court ruled this week in favour of retailer facing vicarious liability class action claims following significant data breach caused by rogue employee. The case is a stark reminder of the responsibilities of...more
This guide has been compiled to give an overview of the rudimentary legal aspects that should be considered by anyone thinking of establishing a business in the UK. It is aimed at businesses that may already be established in...more
An employer was held by the Court of Appeal to be vicariously liable for a rogue employee’s deliberate and criminal disclosure of the personal data of other employees. This was despite the employee’s aim being to harm the...more
UK supermarket chain Morrisons has been held vicariously liable for the acts of a malicious employee in the UK’s first data leak class action. The issue began in 2014, when a disgruntled Morrison’s internal IT auditor posted...more
Who's the boss? Employer liable for MD's assault on member of staff - The Court of Appeal found an employer liable for its managing director's assault on a member of staff during a post-Christmas party drinking session, in...more
In Various Claimants v WM Morrisons Supermarket PLC [2017] EWHC3 113 (QB), the High Court considered whether an employer was liable for an employee’s malicious disclosure of personal data belonging to other employees. This...more
The United Kingdom High Court recently issued a landmark liability judgment against the supermarket, Morrisons, following a data breach caused by a rogue employee (Various Claimants v. WM Morrisons Supermarket [2017] EWHC3113...more