On June 19 2025, the Information Commissioner’s Office (ICO) published guidance on the Data (Use and Access) Act 2025 (DUAA), which received Royal Assent on the same day. The DUAA introduces significant changes to the UK data...more
What does the U.K. Information Commissioner’s Office have to say about what it takes for adtech initiatives to be compliant with data protection? “There is an opportunity for market participants to move towards developing...more
The United Kingdom’s Information Commissioner’s Office (ICO) finalized a new Code of Practice (the Code) in September 2020, which applies to most companies that offer online services to or otherwise collect personal data from...more
States Consider Privacy and Data Security Legislation - It’s that time of year again, when we see a flood of legislative activity at the state level on privacy and data security laws. A couple of recent examples are below....more
Probably not. A cookie can qualify as “personal data” under GDPR when it can be linked to an individual person. Even in instances where a cookie cannot be linked, it is still governed by the ePrivacy Directive and...more
In an ironic twist, the British Information Commissioner’s Office (ICO) recently fined a Brexit advocacy group for violating regulations issued under an EU directive. The fines, totaling £120,000, were levied against...more