News & Analysis as of

General Data Protection Regulation (GDPR) Information Commissioner's Office (ICO) Enforcement Actions

Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts... more +
Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts individuals throughout the Union and all businesses operating therein. less -
Womble Bond Dickinson

The ICO’s Penalty Against 23andMe Brings New Emphasis on Cybersecurity Risks - Key Takeaways for U.S. Companies

Womble Bond Dickinson on

The dramatic increase in global reach that the internet provides U.S.-based companies comes as a double edge sword. While it significantly increases a company’s potential customer pool, it also subjects companies to...more

Skadden, Arps, Slate, Meagher & Flom LLP

UK GDPR Regulator Fines Data Processor After Ransomware Attack

Skadden, Arps, Slate, Meagher & Flom LLP on

On 27 March 2025, the UK Information Commissioner’s Office (ICO) issued a £3.07 million fine to an IT services provider following a ransomware attack in 2022 that affected the company’s health care business. The ransomware...more

Jenner & Block

Client Alert: New GDPR Investigations into the Use of Children’s Data

Jenner & Block on

The UK’s data protection regulator, the Information Commissioner’s Office (ICO), has recently announced investigations into three companies in connection with the use of children’s personal information. In a statement on...more

A&O Shearman

English Court reviews the ICOs first GDPR fine (again)

A&O Shearman on

In December 2019, the UK Information Commissioner’s Office (ICO) imposed a fine of £275,000 on Doorstep Dispensaree Limited (DDL) for multiple contraventions of the GDPR. On December 9 2024, five years on and three judgments...more

A&O Shearman

Zooming in on AI - #7: AI under financial regulations in the U.S., EU and U.K. - a comparative assessment of the current state of...

A&O Shearman on

This is the final note in a three-part series on the regulation of artificial intelligence in the financial services sector in the United States, the European Union and the United Kingdom. Our first note, we provided a...more

McDermott Will & Emery

European Regulators Provide Some Key Clarifications on Cookie Banners

McDermott Will & Emery on

The European Data Protection Board (EDPB) adopted a draft report of the work undertaken by the Cookie Banner Taskforce (the Report). The Report describes how regulators apply cookie legislation in handling certain types of...more

Herbert Smith Freehills Kramer

ICO and CNIL Levy Landmark Fines Against British Airways and Marriott for 2018 Data Breaches

Herbert Smith Freehills Kramer on

On Oct. 30, 2020, the United Kingdom’s data protection authority, the Information Commissioner’s Office (ICO), in connection with France’s Commission nationale de l’informatique et des libertés (CNIL), announced the largest...more

BCLP

Cyber Security Trends: Tips from recent UK enforcement activity - Part 4

BCLP on

When the regulator has decided to investigate your organisation following a data breach, the remit for the investigation will be wide-ranging and go beyond the narrow circumstances of the breach. Recent decisions shed useful...more

BCLP

Cyber Security Trends: Tips from recent UK enforcement activity – Part 3

BCLP on

Key to recent ICO decisions has been the ICO’s assessment of the extent and quality of communications with affected individuals and the regulator itself. It is clear the ICO sees certain behaviours (such as the setting up of...more

BCLP

Cyber Security Trends: Tips from recent UK enforcement activity – Part 2

BCLP on

In this part of our briefing series, we cover how prior regulatory enforcement action affects the assessment of sanctions and some pitfalls associated with undertaking internal security audits.  Who is this relevant for?...more

Orrick, Herrington & Sutcliffe LLP

ICO Fines: When Is An Appeal Appealing?

Orrick, Herrington & Sutcliffe LLP on

The decision to appeal a regulatory finding is never taken lightly. By the time a regulator has completed its investigation and notified a company of its intention to fine, the company will have invested significant time and...more

BCLP

Cyber Security Trends: Tips from recent UK enforcement - Part 1

BCLP on

What insights into cyber security norms can organisations glean from the UK ICO’s recent enforcement decisions, most of which have been released since the GDPR came into force? Final fines are still awaited on the UK’s...more

Latham & Watkins LLP

High GDPR Fines: German Data Protection Authority Joins the Club

Latham & Watkins LLP on

Following in the footsteps of the CNIL and the ICO, the Berlin DPA will impose a multimillion-euro fine for breach of the GDPR. The Berlin Data Protection Authority (Berlin DPA) recently announced that it will issue a...more

Latham & Watkins LLP

Britische Datenschutzaufsicht ICO kündigt Rekordbußgelder wegen DSGVO-Verstößen an

Latham & Watkins LLP on

Das ICO kündigt an, Bußgelder gegen British Airways und Marriott zu verhängen. Was ist passiert, wie geht es weiter? Am 8. Juli 2019 kündigte das Information Commissioner’s Office (ICO) an, gegen British Airways wegen...more

Proskauer on Privacy

ICO Issues First Intentions to Fine Under the GDPR

Proskauer on Privacy on

GDPR fines are seemingly like buses, you wait over a year for enforcement action by the UK’s data supervisory authority, the ICO, and then two come along at once – and with quite dramatic effect. The ICO has stretched its...more

Shook, Hardy & Bacon L.L.P.

Privacy and Data Security Alert | July 2019 #2

Shook, Hardy & Bacon L.L.P. on

British Data Protection Authority Flexes GDPR Enforcement Muscles - No longer is the bark of sanctions for lax data protection practices worse than its bite. The Information Commissioner’s Office (ICO)—the United Kingdom's...more

Katten Muchin Rosenman LLP

The Sky's the Limit: The Cathay Pacific and British Airways Data Hacks, and the GDPR Six Months On

Katten Muchin Rosenman LLP on

Cathay Pacific, the Hong Kong airline, is the latest airline to face a cyber-attack; in this case, one that has resulted in the theft of personal data of up to 9.4 million passengers. The hackers gained "unauthorised access"...more

Jones Day

Global Privacy & Cybersecurity Update Vol. 14

Jones Day on

New York Attorney General Announces Record Number of Data Breach Notices in 2016 - On March 21, 2017, the New York Attorney General's Office announced that it received 1,300 reported data breaches in 2016—a 60 percent...more

18 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide