News & Analysis as of

General Data Protection Regulation (GDPR) Information Commissioner's Office (ICO) Data Protection

Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts... more +
Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts individuals throughout the Union and all businesses operating therein. less -
Latham & Watkins LLP

UK Adequacy Holds Firm Under New Data (Use and Access) Act 2025

Latham & Watkins LLP on

The DUAA introduces several reforms to UK data protection law, but their implications are relatively limited in practice. The Data (Use and Access) Act 2025 (the DUAA) was enacted on 19 June 2025 and amends rather than...more

McDermott Will & Emery

What ICO guidance on anonymisation means for health and life sciences companies

McDermott Will & Emery on

What new guidance on anonymisation from the UK Information Commissioner’s Office (ICO) means for healthcare and life sciences companies....more

Skadden, Arps, Slate, Meagher & Flom LLP

UK GDPR Regulator Fines Data Processor After Ransomware Attack

Skadden, Arps, Slate, Meagher & Flom LLP on

On 27 March 2025, the UK Information Commissioner’s Office (ICO) issued a £3.07 million fine to an IT services provider following a ransomware attack in 2022 that affected the company’s health care business. The ransomware...more

Latham & Watkins LLP

Kingdom of Saudi Arabia Issues New Data Transfer Risk Assessment Guidelines

Latham & Watkins LLP on

The guidelines specify the requirements for data controllers to conduct risk assessments related to the transfer or disclosure of personal data outside the Kingdom. ...more

Jenner & Block

Client Alert: New GDPR Investigations into the Use of Children’s Data

Jenner & Block on

The UK’s data protection regulator, the Information Commissioner’s Office (ICO), has recently announced investigations into three companies in connection with the use of children’s personal information. In a statement on...more

A&O Shearman

Data protection guidance for firms sharing customer information for the prevention of fraud

A&O Shearman on

The UK Information Commissioner’s Office (the ICO) has published guidance to help firms take steps to protect customers’ personal information when data is shared between firms to prevent fraud and scams....more

Skadden, Arps, Slate, Meagher & Flom LLP

ICO Publishes Outcomes of GenAI Consultation

Skadden, Arps, Slate, Meagher & Flom LLP on

On 13 December 2024, the UK Information Commissioner’s Office (ICO) published the report of outcomes from its consultation on generative AI (genAI). The report sets out key themes that emerged from responses to the ICO’s...more

Cooley LLP

ICO Updates Position on Web-Scraping for AI Development

Cooley LLP on

What happened? In an attempt to address ongoing regulatory uncertainty about how the UK General Data Protection Regulation (UK GDPR) and UK Data Protection Act 2018 apply to the development and use of generative artificial...more

Ropes & Gray LLP

Meet the In-Laws: the UK’s Digital Legislative Agenda for 2025

Ropes & Gray LLP on

After its election to power in July 2024, the newly formed Labour government wasted little time in announcing its legislative priorities for the coming year. Unsurprisingly, these priorities included several proposed Bills...more

A&O Shearman

ICO publish outcome report on AI consultation series

A&O Shearman on

On December 12 2024 the ICO published an outcomes report on its 2024 generative AI consultation series (the Report). The Report addresses five key areas regarding generative AI and its relation to data protection: -...more

King & Spalding

UK Government Introduces New Data (Use and Access) Bill

King & Spalding on

On October 23, the UK Government’s House of Lords had its first reading of a new proposed data protection bill, the Data (Use and Access) Bill (“DUA Bill”), as sponsored by the Department of Science, Innovation, and...more

A&O Shearman

Zooming in on AI - #7: AI under financial regulations in the U.S., EU and U.K. - a comparative assessment of the current state of...

A&O Shearman on

This is the final note in a three-part series on the regulation of artificial intelligence in the financial services sector in the United States, the European Union and the United Kingdom. Our first note, we provided a...more

Latham & Watkins LLP

UK US Data Bridge Practical Tips for Implementation and Compliance

Latham & Watkins LLP on

Latham & Watkins and Privacy Laws & Business recently co-hosted a webinar looking back on the first eight months since the UK-US Data Bridge entered into force. Speakers from the UK Information Commissioner’s Office (ICO) and...more

Mayer Brown

UK GDPR and the Price of Non-Compliance: ICO Issues New Guidance on Calculating Fines

Mayer Brown on

The Information Commissioner's Office (the "ICO") has clarified the methods it will use to calculate the fines it will issue for breaches of data privacy law in the UK by publishing its latest Data Protection Fining Guidance...more

Latham & Watkins LLP

UK ICO Unveils New Fine Calculation Guide for Data Protection Infringements

Latham & Watkins LLP on

Understanding the ICO’s approach to assessing financial penalties should be a key element of an organisation’s data protection strategy and risk profile. In an era when data protection infringements can tarnish business...more

Hogan Lovells

ICO’s call to action for UK website cookie banners

Hogan Lovells on

The UK Information Commissioner’s Office (ICO) has recently published an update on its enforcement efforts in respect of website cookie compliance. It follows a letter the ICO sent in November 2023 to 53 of the top 100 UK...more

Katten Muchin Rosenman LLP

Generative AI - Data Privacy's Friend or Foe?

Katten Muchin Rosenman LLP on

There’s so much activity around generative AI! This is a hot topic for us data privacy folks as it presents new challenges for the protection of personal data. Call us sad, but we get very excited about it!...more

A&O Shearman

ICO publishes a UK BCR Addendum for use with the EU Binding Corporate Rules

A&O Shearman on

This blog notes some of the key features of the Addendum.  At its core, the Addendum can be used in relation to both controller BCRs and processor BCRs. Organisations then have a choice as to whether they use the Addendum in...more

Cooley LLP

Landmark Decision Handed Down on ICO’s Responsibilities in Handling Subject Access Requests

Cooley LLP on

On 10 October 2023, the England and Wales Court of Appeal handed down its decision in Delo, R. (On the Application Of) v. The Information Commissioner1, in which it upheld an earlier High Court ruling that the UK’s data...more

Vedder Price

A Rise in DSARs: Why Can Data Subject Access Requests Be Such a Burden?

Vedder Price on

Under UK data protection legislation, individuals, also called “data subjects”, have the right to make a data subject access request (DSAR) to organisations that “process” their personal data. Similar rights are required by...more

Morgan Lewis - Tech & Sourcing

ICO's Open Letter to UK Finance: A Call for Responsible Data Sharing in the Gambling Industry

Morgan Lewis - Tech & Sourcing on

In recent years, the gambling industry has seen significant growth, with online betting and gaming platforms becoming increasingly popular. However, this rapid expansion has also raised concerns about the potential for money...more

Thomas Fox - Compliance Evangelist

The Importance of Effective Policies and Training in Data Protection: Lessons from a Scottish Hospital Breach

Thomas Fox - Compliance Evangelist on

I recently had the chance to visit with Jonathan Armstrong on a recent data breach case that occurred in the health service provider NHS Lanarkshire (Scotland) during the COVID-19 pandemic. This breach serves as a stark...more

Orrick, Herrington & Sutcliffe LLP

Neurodata, Neurotechnology and Data Protection in the UK

Orrick, Herrington & Sutcliffe LLP on

The UK Information Commissioner’s Office (“ICO”) has published a report on the evolving nature of neurotechnology and its implications for data protection laws. The report highlights the risks of neurotechnology and sets the...more

Orrick, Herrington & Sutcliffe LLP

Data Subject Access Requests from Employees: What UK Employers Need to Know About New ICO Guidance

Orrick, Herrington & Sutcliffe LLP on

A challenging economic situation is prompting contentious staffing decisions. The rise of hybrid work has led employers to generate more information in more places about employees. Against this backdrop, more employees are...more

A&O Shearman

Increasing global cybersecurity regulation of private companies on the near horizon

A&O Shearman on

Within the past year, a number of countries around the world, including the United States, United Kingdom, France, and The Netherlands have initiated regulatory inquiries and developed new strategies for the purpose of more...more

155 Results
 / 
View per page
Page: of 7
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide