News & Analysis as of

Information Commissioner's Office (ICO) Corporate Counsel

Locke Lord LLP

U.K. Information Commissioner Issues New Guidance on the Use of Biometrics in the ‎Workplace

Locke Lord LLP on

On February 23, 2024, the Office of the Information Commissioner (“ICO”), the U.K.’s data privacy regulator, issued new guidance for employers about the use of biometrics in the workplace. Along with this new guidance, the...more

Cooley LLP

Landmark Decision Handed Down on ICO’s Responsibilities in Handling Subject Access Requests

Cooley LLP on

On 10 October 2023, the England and Wales Court of Appeal handed down its decision in Delo, R. (On the Application Of) v. The Information Commissioner1, in which it upheld an earlier High Court ruling that the UK’s data...more

Cooley LLP

New UK Guidance on Workplace Monitoring

Cooley LLP on

On 3 October 2023, the UK’s Information Commissioner’s Office (ICO) published new guidance on workplace monitoring. The previous guidance was issued in 2011, as part of the ICO’s Employment Practices Code, and was badly in...more

Eversheds Sutherland (US) LLP

Data transfers update: New data bridge available to facilitate UK-US data transfers from 12 October 2023 - despite “qualified”...

Why should I read this? A new UK-US data bridge will be available to businesses in the UK looking to transfer personal data to organizations in the United States certified under the UK Extension to the EU-US Data Privacy...more

Orrick, Herrington & Sutcliffe LLP

Data Subject Access Requests from Employees: What UK Employers Need to Know About New ICO Guidance

A challenging economic situation is prompting contentious staffing decisions. The rise of hybrid work has led employers to generate more information in more places about employees. Against this backdrop, more employees are...more

A&O Shearman

Increasing global cybersecurity regulation of private companies on the near horizon

A&O Shearman on

Within the past year, a number of countries around the world, including the United States, United Kingdom, France, and The Netherlands have initiated regulatory inquiries and developed new strategies for the purpose of more...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

Bill in U.K. Parliament Would Facilitate Certain Types of Data Processing by Redefining ‘Personal Data’ Parameters

On March 8, 2023, the Data Protection and Digital Information (No. 2) Bill was introduced to the UK Parliament by the Department for Science, Innovation and Technology (DSIT). If enacted, the Bill will make changes to the UK...more

McDermott Will & Emery

European Regulators Provide Some Key Clarifications on Cookie Banners

McDermott Will & Emery on

The European Data Protection Board (EDPB) adopted a draft report of the work undertaken by the Cookie Banner Taskforce (the Report). The Report describes how regulators apply cookie legislation in handling certain types of...more

Orrick, Herrington & Sutcliffe LLP

ICO Issues Updated Guidance on International Data Transfers

On 17 November 2022, the Information Commissioner's Office (“ICO”) announced that it has updated its guidance on international data transfers. In its announcement, the ICO outlined its intention to “clarify an alternative...more

Benesch

REMINDER: New UK Cross-Border Data Transfer Mechanisms Now in Effect.

Benesch on

Moving forward, businesses will need to use the updated Data Transfer Agreement or Data Transfer Addendum for any relationship or contract that contemplates the cross-border transfer of UK personal data. As of September...more

BCLP

Ransomware - why paying up earns no credit with the UK's Data Protection Authority and others

BCLP on

In a joint letter this summer, the UK’s data protection regulator (the ICO) and the UK’s National Cyber Security Centre (the NCSC) sought to convey some key messages to the legal profession relevant to advising clients...more

Orrick, Herrington & Sutcliffe LLP

The Data Protection and Digital Information Bill: Taking Back Control of UK Data Protection?

On 18 July 2022 the Data Protection and Digital Information Bill (the Bill) was introduced for discussion into parliament, in one of the UK's first drives towards data protection reform after Brexit....more

Vinson & Elkins LLP

Patchworking Data Protection Regimes: UK Adopts New Data Transfer Mechanisms Post-Brexit and Schrems II

Vinson & Elkins LLP on

Two new United Kingdom (“UK”) data transfer mechanisms, the International Data Transfer Agreement (“IDTA”) and the International Data Transfer Addendum (“UK Addendum”) to the European Union’s (“EU”) new standard contractual...more

Orrick, Herrington & Sutcliffe LLP

8 Things You Need to Know About United Kingdom (UK) International Data Transfers

Update: UK international data transfer agreement and UK addendum to the EU standard contractual clauses now in force In February, the Information Commissioner’s Office (“ICO”), the United Kingdom (UK) data protection...more

Orrick, Herrington & Sutcliffe LLP

6 Things You Need to Know About United Kingdom (UK) International Data Transfers

In February 2022, the United Kingdom (UK) Information Commissioner’s Office (“ICO”), along with the data protection authority (“DPA”) in the UK, published three new documents ("UK Documents") which update the UK's position on...more

Faegre Drinker Biddle & Reath LLP

International Data Transfers: Clarity on Timing of U.K. Transfer Mechanisms

The U.K. Information Commissioner’s Office (UK ICO) recently confirmed the options and clarified the timing of new data transfer agreements for transfers of personal data out of the U.K. The situation has been somewhat...more

Faegre Drinker Biddle & Reath LLP

Significant Changes Proposed to UK GDPR

On September 10, the U.K. government launched a consultation “Data: A New Direction” (Consultation), which proposes significant changes to the U.K.’s data protection framework. The U.K. government has signalled its...more

Butler Snow LLP

The European Commission’s New Standard Contractual Clauses: Transferring Personal Data from the EU (A Long Overdue “Take Two”)

Butler Snow LLP on

On June 4, 2021, the European Commission adopted a new, highly anticipated set of standard contractual clauses to facilitate the transfer of personal data out of the European Economic Area (“EEA”) in accordance with the...more

Orrick, Herrington & Sutcliffe LLP

Warren v DSG Retail Ltd – Shifting the Liability Landscape in Post‐Cyberattack Litigation

Since the General Data Protection Regulations ("GDPR") came into force in 2018, companies in the United Kingdom (UK) that have suffered cybersecurity attacks often face civil claims from individuals whose data has been...more

BCLP

UK launches consultation on international data transfers - a first glimpse of the “UK SCCs”

BCLP on

On 11 August, the UK Information Commissioner’s Office launched a consultation paper on “International transfers under UK GDPR”. The documents released alongside the paper include a draft International Data Transfer Agreement...more

A&O Shearman

European Commission adopts positive UK adequacy decisions for data transfers

A&O Shearman on

On 28 June 2021, just two days before the interim EU-UK data transfer “bridging mechanism” expired under the Trade and Cooperation Agreement, the European Commission (EC) adopted two adequacy decisions for the UK to...more

Orrick, Herrington & Sutcliffe LLP

Brexit Privacy Guide: Five Things You (Might) Have to Think About Before 2021

With the end of the Brexit transition period rapidly approaching and the United Kingdom (UK) poised to become a “third country” after it leaves the European Union (EU), the UK and the EU have yet to reach any “deal” on how...more

Orrick, Herrington & Sutcliffe LLP

Marriott Secures 80% Reduction in ICO Fine, but Here’s What You Missed…

Hot on the heels of the £20 million fine issued to British Airways, the Information Commissioner’s Office (“ICO“) has issued Marriott International Inc. (“Marriott“) with a long-awaited penalty notice for its failure to...more

A&O Shearman

What Might The BA And Marriott Fines Tell Us About The ICO’s Approach To Penalties?

A&O Shearman on

Few will have been surprised that, when the ICO eventually published details of the BA and Marriott fines, the final penalties were very much lower than the £183+ million and £99+ million proposed in the original notices of...more

Faegre Drinker Biddle & Reath LLP

Marriott Cyberattack Fine Reduced as ICO Shifts Penalty Policy

On 30 October 2020, the UK’s data privacy regulator, the Information Commissioner’s Office (ICO) issued a final penalty notice (Penalty Notice) to fine the hotel chain Marriott International, Inc. (Marriott) for a GDPR data...more

42 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide