Life With GDPR: Cathay Pacific Enforcement Action
Life With GDPR: Episode 30- British Airways Data Breach Enforcement Action
E18: ICANN Loses First GDPR Court Ruling in Germany
- What is new: The ICO is proposing to relax its enforcement of cookie consent requirements, meaning user consent would not be required for lower-risk advertising cookies. - Why it matters: The proposals aim to address...more
The DUAA introduces several reforms to UK data protection law, but their implications are relatively limited in practice. The Data (Use and Access) Act 2025 (the DUAA) was enacted on 19 June 2025 and amends rather than...more
The UK Information Commissioner’s Office’s (the ICO’s) latest Annual Report summarises its accomplishments and priorities, including last year’s enforcement actions. Based on our review of the report, we see the ICO focusing,...more
The Data (Use and Access) Bill passed both Houses of UK Parliament and received Royal Assent on 19 June 2025, now becoming the Data (Use and Access) Act 2025 (“DUA Act”). This is the final iteration of the Data Protection and...more
The dramatic increase in global reach that the internet provides U.S.-based companies comes as a double edge sword. While it significantly increases a company’s potential customer pool, it also subjects companies to...more
The UK’s data protection regulator, the Information Commissioner’s Office (ICO), has recently announced investigations into three companies in connection with the use of children’s personal information. In a statement on...more
On February 20 2025, the Information Commissioner’s Officer (the ICO) published the third edition of the Tech Horizons Report (the Report). The Report identifies four new technologies expected to emerge over the next 2 to 7...more
What happened? The UK Information Commissioner’s Office (ICO) has released updated guidance on ‘consent or pay’ business models. These models present users with a choice to either consent to the processing of their...more
Welcome to your weekly update from the A&O Shearman pensions team, covering all the latest legal and regulatory developments in the world of workplace pensions. ICO guidance on using employment records The Information...more
On 16 January 2025, in an open statement and letter, the UK Information Commissioner, John Edwards, responded to the December 2024 letter from the UK Prime Minister, the Chancellor, and the Business Secretary....more
In a December, the Information Commissioner’s Office (ICO) responded to Google’s decision to lift a prohibition on device fingerprinting (which involves collecting and combining information about a device’s software and...more
In part one of our series "FemTech: how this growing industry can build trust, protect privacy and redress healthcare inequity… one app at a time", we take an introductory look at the industry, and offer some...more
Though perhaps falling short of being a universally accepted one, it is a truth that any organisation processing personal data needs a privacy programme. But how best should an internal compliance framework be structured...more
The Age Appropriate Design Code (“AADC”) - more commonly known as the Children’s Code - has been heralded as the world’s first code to protect children online. Compliance with the AADC became mandatory for in-scope businesses...more
Welcome to this month's issue of The BR Privacy & Security Download, the digital newsletter of Blank Rome’s Privacy, Security & Data Protection practice. ...more
After the political and constitutional upheaval of the last four years that has been Brexit, a trade deal - the EU-UK Trade and Cooperation Agreement - was finally reached between the United Kingdom (UK) and the European...more