The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
On 17 July 2024, the King’s Speech and associated background briefing notes were presented and published. These contain a summary of the new government’s plans, including two proposed bills that relate to changes to the UK’s...more
Introduction The UK’s Online Safety Act (OSA) imposes extensive obligations on certain types of online service providers to protect users from illegal and harmful content. A key focus of the OSA is the protection of children...more
SEC Fines the New York Stock Exchange’s Parent Company $10 million for Failure to Promptly Notify Its Subsidiaries of Cybersecurity Breach - On May 22, 2024, the Securities and Exchange Commission (“SEC”) imposed a $10...more
The Information Commissioner’s Office (ICO), the UK’s data protection regulator, has published an opinion on age assurance for internet society services (ISS). The opinion aims to explain how a company can use technology in...more
Understanding the ICO’s approach to assessing financial penalties should be a key element of an organisation’s data protection strategy and risk profile. In an era when data protection infringements can tarnish business...more
The UK Information Commissioner’s Office (ICO) issued guidance on content moderation technologies and processes for the first time (the Guidance). In its press release on 16 February 2024, the ICO flagged the need for content...more
The Information Commissioner’s Office (ICO) launched a campaign called ‘Think. Check. Share’ (the Campaign) on 29 January 2024, to promote responsible data sharing to safeguard children. The Campaign aims to provide...more
The UK Information Commissioner’s Office (ICO) has recently published an update on its enforcement efforts in respect of website cookie compliance. It follows a letter the ICO sent in November 2023 to 53 of the top 100 UK...more
There’s so much activity around generative AI! This is a hot topic for us data privacy folks as it presents new challenges for the protection of personal data. Call us sad, but we get very excited about it!...more
Following a re-think of the process for the authorisation of UK BCR after Brexit, the Information Commissioner’s Office (ICO) has devised a new mechanism to significantly streamline approvals. The new process, which was...more
On 10 October 2023, the England and Wales Court of Appeal handed down its decision in Delo, R. (On the Application Of) v. The Information Commissioner1, in which it upheld an earlier High Court ruling that the UK’s data...more
Closely following the establishment of the EU-US Data Privacy Framework (DPF) – see our July 2023 post – the UK has now agreed to an extension for the transfer of personal data from the UK to the US, known as the UK Extension...more
Katten's Privacy, Data and Cybersecurity Quick Clicks is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe....more
On August 24, the Information Commissioner’s Office (ICO) issued a joint statement in conjunction with 11 other global authorities responsible for data protection and privacy on data scraping. Data scraping is the process of...more
In recent years, the gambling industry has seen significant growth, with online betting and gaming platforms becoming increasingly popular. However, this rapid expansion has also raised concerns about the potential for money...more
The UK Information Commissioner’s Office (“ICO”) has published a report on the evolving nature of neurotechnology and its implications for data protection laws. The report highlights the risks of neurotechnology and sets the...more
The UK Information Commissioner's Office (ICO) published a report on neurotechnology and released an accompanying statement on 8 June 2023....more
Following the introduction of the Age-Appropriate Design Code (the Code) on 2 September 2021, companies have questioned whether the Code applies to their online service. A recent consultation by the ICO seeks to clarify when...more
Within the past year, a number of countries around the world, including the United States, United Kingdom, France, and The Netherlands have initiated regulatory inquiries and developed new strategies for the purpose of more...more
On 6 December 2022, the UK Information Commissioner’s Office (ICO) announced that it would publish details of all future reprimands, including those issued from January 2022 onwards, ‘unless there is a good reason not to’....more
On 17 November 2022, the Information Commissioner's Office (“ICO”) announced that it has updated its guidance on international data transfers. In its announcement, the ICO outlined its intention to “clarify an alternative...more
It’s 1 September 2022 and I’m back at my desk at Allen & Overy having spent the last six months on secondment to the Legal Services team at the UK Information Commissioner’s Office. So how did it go?...more
On 18 July 2022 the Data Protection and Digital Information Bill (the Bill) was introduced for discussion into parliament, in one of the UK's first drives towards data protection reform after Brexit....more
In this month’s Privacy & Cybersecurity Update, we examine the FTC’s blog post suggesting an increased focus on protecting consumers’ sensitive data and Plaid’s settlement to resolve a class action arising from its data...more
On 16 June 2022, the UK government’s Department for Digital, Culture, Media and Sport (“the DCMS”) published its response to its Data Reform consultation. The response sets out the UK government’s key data protection reform...more