Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Compliance with the New EU-US Data Privacy Framework
Life With GDPR - Data Transfer Update
Anonymization and AI: Critical Technologies for Moving eDiscovery Data Across Borders
Digital Trade: Key Trends and Developments to Watch
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
I Wish I Knew What I Know Now: Conversations with AGG on FDA Issues - Data Privacy Issues Life Sciences Companies May Encounter
In-house Roundhouse: Antitrust and the Tech Industry
Cross-Border Data Transfers and the EU-US Data Privacy Tug of War
Privacy Talk | The New Swiss Data Protection Act
Compliance Perspectives: The Privacy and Data Security Track at the 2020 Compliance & Ethics Institute
Update on Global Data Privacy Regulations by John Jackson
Nota Bene Episode 93: Navigating the New Global Cybersecurity Compliance Landscape with Scott Giordano
What's Next after the Schrems II Decision of ECJ
Compliance Perspectives: The End of the Privacy Shield
Nota Bene Episode 89: European Q3 Check In - Merger Clearance and Data Protection Court Rulings and Brexit Updates with Oliver Heinisch
IAPP Global Privacy Summit Recap, Big Questions, and Indiana Jones Analogies
The DUAA introduces several reforms to UK data protection law, but their implications are relatively limited in practice. The Data (Use and Access) Act 2025 (the DUAA) was enacted on 19 June 2025 and amends rather than...more
The Data (Use and Access) Bill passed both Houses of UK Parliament and received Royal Assent on 19 June 2025, now becoming the Data (Use and Access) Act 2025 (“DUA Act”). This is the final iteration of the Data Protection and...more
The guidelines specify the requirements for data controllers to conduct risk assessments related to the transfer or disclosure of personal data outside the Kingdom. ...more
On 16 January 2025, in an open statement and letter, the UK Information Commissioner, John Edwards, responded to the December 2024 letter from the UK Prime Minister, the Chancellor, and the Business Secretary....more
On January 24 2025, the UK’s Information Commissioner’s Office (ICO) published its response to a request from the Prime Minister, Chancellor and Business Secretary for regulatory proposals to improve business confidence and...more
On October 23, the UK Government’s House of Lords had its first reading of a new proposed data protection bill, the Data (Use and Access) Bill (“DUA Bill”), as sponsored by the Department of Science, Innovation, and...more
Latham & Watkins and Privacy Laws & Business recently co-hosted a webinar looking back on the first eight months since the UK-US Data Bridge entered into force. Speakers from the UK Information Commissioner’s Office (ICO) and...more
The United Kingdom has announced its decision to establish the UK-U.S. Data Bridge. The UK-U.S. Data Bridge will allow UK businesses and organizations to transfer personal data to organizations in the United States that have...more
Closely following the establishment of the EU-US Data Privacy Framework (DPF) – see our July 2023 post – the UK has now agreed to an extension for the transfer of personal data from the UK to the US, known as the UK Extension...more
Why should I read this? A new UK-US data bridge will be available to businesses in the UK looking to transfer personal data to organizations in the United States certified under the UK Extension to the EU-US Data Privacy...more
The updated reform legislation provides welcome guidance and clarifications on aspects such as legitimate interests and accountability, without substantially shifting the approach proposed under the existing reform bill. ...more
On 17 November 2022, the Information Commissioner's Office (“ICO”) announced that it has updated its guidance on international data transfers. In its announcement, the ICO outlined its intention to “clarify an alternative...more
Moving forward, businesses will need to use the updated Data Transfer Agreement or Data Transfer Addendum for any relationship or contract that contemplates the cross-border transfer of UK personal data. As of September...more
It’s 1 September 2022 and I’m back at my desk at Allen & Overy having spent the last six months on secondment to the Legal Services team at the UK Information Commissioner’s Office. So how did it go?...more
While countries all over the globe continue to make data privacy strides, comparing similarities and differences between the EU and U.K. is important in light of Brexit. It is also crucial to know the differences as they...more
Two new United Kingdom (“UK”) data transfer mechanisms, the International Data Transfer Agreement (“IDTA”) and the International Data Transfer Addendum (“UK Addendum”) to the European Union’s (“EU”) new standard contractual...more
Update: UK international data transfer agreement and UK addendum to the EU standard contractual clauses now in force In February, the Information Commissioner’s Office (“ICO”), the United Kingdom (UK) data protection...more
In February 2022, the United Kingdom (UK) Information Commissioner’s Office (“ICO”), along with the data protection authority (“DPA”) in the UK, published three new documents ("UK Documents") which update the UK's position on...more
The new mechanisms, which are likely to pass Parliament, will become effective on March 21, 2022 and will require businesses and organizations to review existing and new contracts. The Information Commissioner’s Office...more
The U.K. Information Commissioner’s Office (UK ICO) recently confirmed the options and clarified the timing of new data transfer agreements for transfers of personal data out of the U.K. The situation has been somewhat...more
On 2 February 2022, the UK Information Commissioner’s Office (ICO) published the final form of its much-anticipated new International Data Transfer Agreement (IDTA) and the International Data Transfer Addendum to the European...more
Do you transfer or receive personal data from the United Kingdom? If so, there are some important developments in the UK to factor into your data protection compliance program. In a major change of policy, some organizations...more
On 28 January 2022 (Data Protection Day), the UK’s International Data Transfer Agreement (“IDTA”) and International Data Transfer Addendum to the European Commission’s Standard Contractual Clauses (the “EU Addendum”) were...more
The UK Information Commissioner’s Office (ICO) has just published the final form of its much-anticipated new International Data Transfer Agreement (IDTA), along with a separate addendum to the EU SCCs (SCCs Addendum). The...more