Life With GDPR: Cathay Pacific Enforcement Action
Life With GDPR: Episode 30- British Airways Data Breach Enforcement Action
E18: ICANN Loses First GDPR Court Ruling in Germany
The dramatic increase in global reach that the internet provides U.S.-based companies comes as a double edge sword. While it significantly increases a company’s potential customer pool, it also subjects companies to...more
The guidelines specify the requirements for data controllers to conduct risk assessments related to the transfer or disclosure of personal data outside the Kingdom. ...more
The UK Information Commissioner’s Office (the ICO) has published guidance to help firms take steps to protect customers’ personal information when data is shared between firms to prevent fraud and scams....more
The Digital Operational Resilience Act (DORA) establishes a harmonised and comprehensive framework for information and communication technology (ICT) risk management in the financial sector. It is a directly applicable EU...more
BCLP recently hosted a seminar on AI in HR. In this thought-provoking session, we considered how AI is used in HR and its regulation in the EU and the UK, and then engaged in some discussions around two theoretical scenarios....more
This series of blogs rounds up some of the key data protection regulatory trends we have seen during 2024, focused on the EU and UK. 2024 has seen behavioural advertising and cookies continue to dominate the agenda of data...more
I recently had the chance to visit with Jonathan Armstrong on a recent data breach case that occurred in the health service provider NHS Lanarkshire (Scotland) during the COVID-19 pandemic. This breach serves as a stark...more
Last year, the UK Department of Digital, Culture, Media and Sport (DCMS) published its 10- year National AI Strategy for the regulation and promotion of artificial intelligence (AI) in the UK (Report). DCMS seeks to build...more
On February 19, 2020, the Information Commissioner’s Office (ICO), the data protection regulator in the United Kingdom, launched a consultation on its draft guidance on the artificial intelligence (AI) auditing framework. ...more
We are now over a year on from the major changes made to the European data protection regime by the GDPR so it is time to revisit what the changes mean now for the hospitality sector and investment in it, given increased...more
The British privacy protection agency (the Information Commissioner’s Office, or ICO) recently announced its intention to impose on international hotels chain Marriott a fine of about GBP 99 million for violating the GDPR,...more
Ready for the Inevitable? Barely a day goes by without a data breach hitting the headlines. It is becoming a fact of life for any firm holding data that, from time to time, some of that data might be lost, stolen,...more
The EU’s General Data Protection Regulation (GDPR), which went into effect in May 2018, requires companies to implement appropriate security measures when handling personal data....more
Last week, the UK’s Information Commissioner’s Office (ICO) published a monetary penalty notice which fined a private healthcare company, HCA International, £200,000 for its failure to keep sensitive data secure....more