We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
EU Launches UK Adequacy Decision Renewal Process - On 22 July 2025, the European Commission announced that it had launched the process to renew the adequacy decision for the United Kingdom (UK) and confirmed that the UK’s...more
The DUAA introduces several reforms to UK data protection law, but their implications are relatively limited in practice. The Data (Use and Access) Act 2025 (the DUAA) was enacted on 19 June 2025 and amends rather than...more
The Data (Use and Access) Bill passed both Houses of UK Parliament and received Royal Assent on 19 June 2025, now becoming the Data (Use and Access) Act 2025 (“DUA Act”). This is the final iteration of the Data Protection and...more
In recent weeks, the EU and UK have both introduced changes to their respective versions of Europe’s landmark privacy legislation, the General Data Protection Regulation (GDPR). These reforms mark the first substantial...more
On June 19 2025, the Information Commissioner’s Office (ICO) published guidance on the Data (Use and Access) Act 2025 (DUAA), which received Royal Assent on the same day. The DUAA introduces significant changes to the UK data...more
On 19 June 2025 the Data (Use and Access) Act (the "DUA Act") received Royal Assent and became law in the UK, having been passed by the UK Parliament on 11 June 2025. The DUA Act principally reforms the General Data...more
The UK’s Data (Use and Access) Act received Royal Assent last Thursday, June 19th, bringing into law some significant changes to the country’s post Brexit data protection framework, among an array of other, related rules (on...more
On June 19 2025, the Data (Use and Access) Act (DUA Act) received Royal Assent, having passed both Houses of Parliament on June 11 2025. The Data (Use and Access) Bill was first introduced in the House of Lords on October 23...more
Recently, there has been an increase in individual rights activity across Europe, particularly organizations receiving Data Subject Access Requests (DSARs) from former employees. ...more
The Information Commissioner's Office (ICO) has published its report alongside a press release following a review into the gathering and use of children's data in financial services, particularly from services supplying them...more
On March 26, 2025, the UK data protection regulator (the Information Commissioner’s Office (“ICO”)) fined Advanced Computer Software Group Ltd (“Advanced”) £3.07 million (approximately $4 million). In 2022, Advanced suffered...more
On 19 March 2025, the European Data Protection Board published an updated procedure for co-operation between EU data protection supervisory authorities approving GDPR Binding Corporate Rules for intra-group transfers of EU...more
On March 18, 2025, the European Commission proposed to extend its adequacy decision in favor of the United Kingdom (‘UK’) for an additional six-month period. This would allow free flows of personal data from the EU to the UK...more
The guidelines specify the requirements for data controllers to conduct risk assessments related to the transfer or disclosure of personal data outside the Kingdom. ...more
The UK’s data protection regulator, the Information Commissioner’s Office (ICO), has recently announced investigations into three companies in connection with the use of children’s personal information. In a statement on...more
On February 20 2025, the Information Commissioner’s Officer (the ICO) published the third edition of the Tech Horizons Report (the Report). The Report identifies four new technologies expected to emerge over the next 2 to 7...more
As tax authorities embrace new digital technologies, the issue of safeguarding citizens' data privacy rights steps to the fore. Since the implementation of the EU General Data Protection Regulation (GDPR) in 2018, there has...more
On January 23, 2025, Mrs Justice Collins Rice of the UK High Court issued a ruling in the case of RTM v Bonne Terre Limited and Hestview Limited (trading as Sky Betting and Gaming, (SBG)). The claim - The judgment...more
What happened? The UK Information Commissioner’s Office (ICO) has released updated guidance on ‘consent or pay’ business models. These models present users with a choice to either consent to the processing of their...more
On February 5 2025, the UK Information Commissioner's Office (ICO) released new guidance designed to help employers understand and comply with their obligations under the UK GDPR and the Data Protection Act 2018 in relation...more
In RTM v Bonne Terre Limited Hestview Limited, the English High Court found the Defendants, operating as Sky Bet (SBG), liable for breaches of data protection law. The claim raises important points of law for all...more
The Court of Appeal has handed down its judgment in the case of Prismall v Google UK Ltd and DeepMind Technologies Ltd [2024] EWCA Civ 1516. Finding for Google, the Court of Appeal upheld the lower Court’s decision to...more
A new decision by the United Kingdom’s high court says that even if you have cookie and marketing consent mechanisms that are sufficient for valid consent under privacy laws for the general public, they may not be enough for...more
The new Data (Use and Access) Bill is making its way through the parliamentary process, and is expected to be passed in the first half of 2025. The Bill proposes to amend the UK data privacy regime to make it easier for...more
The UK Information Commissioner’s Office (the ICO) has published guidance to help firms take steps to protect customers’ personal information when data is shared between firms to prevent fraud and scams....more