Recent technological advances have enabled the emergence of agentic AI — systems that can automate a range of tasks, potentially saving time and money for organizations....more
3/5/2026
/ Artificial Intelligence ,
Automated Decision Systems (ADS) ,
Compliance Dates ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Emerging Technologies ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Machine Learning ,
Regulatory Requirements ,
Transparency ,
UK ,
UK GDPR
In the final quarter of 2025, the UK Information Commissioner’s Office (ICO) issued fines under the General Data Protection Regulation (GDPR) totaling £15 million against Capita plc, Capita Pension Solutions Limited...more
2/3/2026
/ Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Actions ,
General Data Protection Regulation (GDPR) ,
Incident Response Plans ,
Information Commissioner's Office (ICO) ,
NCSC ,
Popular ,
Regulatory Requirements ,
UK
Ransomware attacks continue to evolve in sophistication, disrupting operations and commanding the urgent attention of regulators, law enforcement and government agencies....more
1/21/2026
/ Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Security ,
Department of Justice (DOJ) ,
Enforcement Actions ,
Incident Response Plans ,
Office of Foreign Assets Control (OFAC) ,
Popular ,
Ransomware ,
Regulatory Oversight ,
Regulatory Requirements ,
Reporting Requirements ,
Risk Management ,
Sanctions ,
Third-Party Risk ,
Third-Party Service Provider
Given the rising number of high-profile cyber incidents resulting in significant losses and disruptions for UK businesses and infrastructure, the UK government on 12 November 2025 introduced the new Cyber Security and...more
12/10/2025
/ Critical Infrastructure Sectors ,
Cybersecurity ,
Data Centers ,
Enforcement Actions ,
Incident Response Plans ,
Managed Service Providers (MSPs) ,
New Legislation ,
Penalties ,
Regulatory Reform ,
Regulatory Requirements ,
Reporting Requirements ,
UK
On 19 November 2025, the EC released a proposal for the Digital Omnibus regulation, which is a set of suggested changes to the EU rules that govern the digital sector....more
11/24/2025
/ AI Act ,
Artificial Intelligence ,
Cookie Banners ,
Data Privacy ,
Data Protection ,
Digital Operational Resilience Act (DORA) ,
EU ,
European Commission ,
General Data Protection Regulation (GDPR) ,
Incident Response Plans ,
Privacy Laws ,
Proposed Legislation ,
Regulatory Reform
On 22 August 2025, the UK Court of Appeal issued its judgment in Farley v Paymaster. The case related to the Sussex Police, whose pension scheme members’ “annual benefit statements” were posted to out-of-date addresses. The...more
11/3/2025
/ Class Action ,
Collective Actions ,
Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Damages ,
Data Breach ,
Data Protection ,
EU ,
EU Directive ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Privacy Laws ,
Private Right of Action ,
UK ,
UK GDPR
- What is new: The ICO is proposing to relax its enforcement of cookie consent requirements, meaning user consent would not be required for lower-risk advertising cookies.
- Why it matters: The proposals aim to address...more
8/6/2025
/ Advertising ,
Consent ,
Cookies ,
Corporate Counsel ,
Data Privacy ,
Data Protection ,
Information Commissioner's Office (ICO) ,
New Guidance ,
Privacy Laws ,
UK ,
Web Tracking
Recent months have seen a spate of high-profile cyber incidents that have affected UK companies and disrupted supply chains, keeping cybersecurity on the front pages and at the top of UK companies’ agendas. In response to the...more
6/26/2025
/ Corporate Governance ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Privacy ,
EU ,
Legislative Agendas ,
New Legislation ,
Proposed Legislation ,
Regulatory Reform ,
Reporting Requirements ,
Supply Chain ,
Technology ,
UK
On 27 March 2025, the UK Information Commissioner’s Office (ICO) issued a £3.07 million fine to an IT services provider following a ransomware attack in 2022 that affected the company’s health care business.
The ransomware...more
On 13 December 2024, the UK Information Commissioner’s Office (ICO) published the report of outcomes from its consultation on generative AI (genAI). The report sets out key themes that emerged from responses to the ICO’s...more
1/8/2025
/ Artificial Intelligence ,
Compliance ,
Consumer Privacy Rights ,
Data Privacy ,
Data Protection ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Machine Learning ,
Regulatory Agenda ,
Transparency ,
UK