News & Analysis as of

European Union Information Commissioner's Office (ICO)

The European Union is an economic and political partnership comprised of 27 nations within the Eurozone. The EU was established in 1948 to promote stability and cooperation among member states in the aftermath of... more +
The European Union is an economic and political partnership comprised of 27 nations within the Eurozone. The EU was established in 1948 to promote stability and cooperation among member states in the aftermath of WWII. The EU maintains a common currency as well as several intranational institutions, including the European Parliament and the European Commission. less -
Paul Hastings LLP

ICO Annual Report Provides Insight Into Data Protection Risks for Businesses

Paul Hastings LLP on

The UK Information Commissioner’s Office’s (the ICO’s) latest Annual Report summarises its accomplishments and priorities, including last year’s enforcement actions. Based on our review of the report, we see the ICO focusing,...more

Goodwin

The Data Shift: UK Sets a New Course With 2025 Data (Use and Access) Act

Goodwin on

The Data (Use and Access) Bill passed both Houses of UK Parliament and received Royal Assent on 19 June 2025, now becoming the Data (Use and Access) Act 2025 (“DUA Act”). This is the final iteration of the Data Protection and...more

Latham & Watkins LLP

Kingdom of Saudi Arabia Issues New Data Transfer Risk Assessment Guidelines

Latham & Watkins LLP on

The guidelines specify the requirements for data controllers to conduct risk assessments related to the transfer or disclosure of personal data outside the Kingdom. ...more

DLA Piper

Google’s U-Turn on Device Fingerprinting: ICO’s Response and Subsequent Guidance

DLA Piper on

In a December, the Information Commissioner’s Office (ICO) responded to Google’s decision to lift a prohibition on device fingerprinting (which involves collecting and combining information about a device’s software and...more

King & Spalding

EU DORA: Are you in scope, and if so, how can you prepare?

King & Spalding on

The Digital Operational Resilience Act (DORA) establishes a harmonised and comprehensive framework for information and communication technology (ICT) risk management in the financial sector. It is a directly applicable EU...more

A&O Shearman

ICO publish outcome report on AI consultation series

A&O Shearman on

On December 12 2024 the ICO published an outcomes report on its 2024 generative AI consultation series (the Report). The Report addresses five key areas regarding generative AI and its relation to data protection: -...more

A&O Shearman

English judgment shines light on ICO investigation into Cambridge Analytica

A&O Shearman on

On March 23 2018, the Information Commissioner’s Office (ICO) executed a warrant to enter and search the offices of Cambridge Analytica. The purpose of the search was to access records concerning its alleged use of personal...more

BCLP

AI in HR - What You Need to Know

BCLP on

BCLP recently hosted a seminar on AI in HR. In this thought-provoking session, we considered how AI is used in HR and its regulation in the EU and the UK, and then engaged in some discussions around two theoretical scenarios....more

Latham & Watkins LLP

EDPB Issues Guidelines on Processing Personal Data for Legitimate Interests Purposes

Latham & Watkins LLP on

The draft guidelines provide further clarification to the EDPB’s interpretation of legitimate interests, and suggest a potential divergence with the UK ICO....more

A&O Shearman

UK AI: existing regulators take the lead

A&O Shearman on

As further initiatives come in to play and legislation is on the horizon, existing regulators (such as the ICO, CMA, Ofcom and FCA) continue to press on with their approach to AI regulation, including through the Digital...more

King & Spalding

UK Government Introduces New Data (Use and Access) Bill

King & Spalding on

On October 23, the UK Government’s House of Lords had its first reading of a new proposed data protection bill, the Data (Use and Access) Bill (“DUA Bill”), as sponsored by the Department of Science, Innovation, and...more

A&O Shearman

When does payment card data qualify as personal data? English Court gives new guidance on this question

A&O Shearman on

The Upper Tribunal (UT) has overturned a decision by the First-tier Tribunal (FTT), relating to a Monetary Penalty Notice (MPN) that was issued by the Information Commissioner (ICO). All of this stemmed from a cyber-attack...more

A&O Shearman

Zooming in on AI - #7: AI under financial regulations in the U.S., EU and U.K. - a comparative assessment of the current state of...

A&O Shearman on

This is the final note in a three-part series on the regulation of artificial intelligence in the financial services sector in the United States, the European Union and the United Kingdom. Our first note, we provided a...more

A&O Shearman

EU and UK Data Protection Regulatory Trends so far in 2024: a focus on employee surveillance and biometric in the workplace

A&O Shearman on

This series of blogs rounds up some of the key data protection regulatory trends we have seen during 2024, focused on the EU and UK. 2024 has seen behavioural advertising and cookies continue to dominate the agenda of data...more

A&O Shearman

EU and UK Data Protection Regulatory Trends so far in 2024: a focus on AI

A&O Shearman on

This series of blogs rounds up some of the key data protection regulatory trends we have seen during 2024, focused on the EU and UK. 2024 has seen behavioural advertising and cookies continue to dominate the agenda of data...more

A&O Shearman

EU and UK Data Protection Regulatory Trends so far in 2024: a focus on consent, adtech and tracking technologies

A&O Shearman on

This series of blogs rounds up some of the key data protection regulatory trends we have seen during 2024, focused on the EU and UK. 2024 has seen behavioural advertising and cookies continue to dominate the agenda of data...more

Skadden, Arps, Slate, Meagher & Flom LLP

UK’s ICO and NCA Sign Memorandum of Understanding for Further Collaboration on Cybersecurity

Skadden, Arps, Slate, Meagher & Flom LLP on

On 5 September 2024, the UK’s data privacy regulator, the Information Commissioner’s Office (ICO), and the UK National Crime Agency (NCA) signed a Memorandum of Understanding (MoU) outlining how they will further collaborate...more

Latham & Watkins LLP

UK US Data Bridge Practical Tips for Implementation and Compliance

Latham & Watkins LLP on

Latham & Watkins and Privacy Laws & Business recently co-hosted a webinar looking back on the first eight months since the UK-US Data Bridge entered into force. Speakers from the UK Information Commissioner’s Office (ICO) and...more

Morrison & Foerster LLP

European Digital Compliance: Key Digital Regulation & Compliance Developments - May 2024

Morrison & Foerster LLP on

To help organizations stay on top of the main developments in European digital compliance, Morrison Foerster’s European Digital Regulatory Compliance team reports on some of the main topical digital regulatory and compliance...more

A&O Shearman

ICO publishes a UK BCR Addendum for use with the EU Binding Corporate Rules

A&O Shearman on

This blog notes some of the key features of the Addendum.  At its core, the Addendum can be used in relation to both controller BCRs and processor BCRs. Organisations then have a choice as to whether they use the Addendum in...more

Constangy, Brooks, Smith & Prophete, LLP

UK government establishes UK-U.S. Data Bridge

Constangy, Brooks, Smith & Prophete, LLP on

The United Kingdom has announced its decision to establish the UK-U.S. Data Bridge. The UK-U.S. Data Bridge will allow UK businesses and organizations to transfer personal data to organizations in the United States that have...more

Eversheds Sutherland (US) LLP

Data transfers update: New data bridge available to facilitate UK-US data transfers from 12 October 2023 - despite “qualified”...

Eversheds Sutherland (US) LLP on

Why should I read this? A new UK-US data bridge will be available to businesses in the UK looking to transfer personal data to organizations in the United States certified under the UK Extension to the EU-US Data Privacy...more

BakerHostetler

DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between...

BakerHostetler on

As we noted in our 2023 DSIR, there has been a flurry of activity within the information governance space, at home and abroad. This activity deserves further analysis, because while it seems from a distance that there are...more

Orrick, Herrington & Sutcliffe LLP

Data Subject Access Requests from Employees: What UK Employers Need to Know About New ICO Guidance

Orrick, Herrington & Sutcliffe LLP on

A challenging economic situation is prompting contentious staffing decisions. The rise of hybrid work has led employers to generate more information in more places about employees. Against this backdrop, more employees are...more

A&O Shearman

Increasing global cybersecurity regulation of private companies on the near horizon

A&O Shearman on

Within the past year, a number of countries around the world, including the United States, United Kingdom, France, and The Netherlands have initiated regulatory inquiries and developed new strategies for the purpose of more...more

146 Results
 / 
View per page
Page: of 6
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide