Life With GDPR: Cathay Pacific Enforcement Action
Life With GDPR: Episode 30- British Airways Data Breach Enforcement Action
E18: ICANN Loses First GDPR Court Ruling in Germany
Earlier this month the UK privacy office put a stop to several related entities’ use of facial recognition technologies and fingerprint monitors for their employees. The UK Information Commissioner’s Office found that the...more
In part one of our series "FemTech: how this growing industry can build trust, protect privacy and redress healthcare inequity… one app at a time", we take an introductory look at the industry, and offer some...more
This blog notes some of the key features of the Addendum. At its core, the Addendum can be used in relation to both controller BCRs and processor BCRs. Organisations then have a choice as to whether they use the Addendum in...more
In the fast-evolving landscape of technological innovation, artificial intelligence (AI) has become pivotal for progress, presenting both opportunities and challenges. Despite gaps in the regulatory framework, the UK...more
Why should I read this? A new UK-US data bridge will be available to businesses in the UK looking to transfer personal data to organizations in the United States certified under the UK Extension to the EU-US Data Privacy...more
As we noted in our 2023 DSIR, there has been a flurry of activity within the information governance space, at home and abroad. This activity deserves further analysis, because while it seems from a distance that there are...more
Though perhaps falling short of being a universally accepted one, it is a truth that any organisation processing personal data needs a privacy programme. But how best should an internal compliance framework be structured...more
The Age Appropriate Design Code (“AADC”) - more commonly known as the Children’s Code - has been heralded as the world’s first code to protect children online. Compliance with the AADC became mandatory for in-scope businesses...more
The Information Commissioner’s Office published draft guidance on privacy enhancing technologies that can be used to comply with privacy-by-design requirements. On 7 September 2022, the Information Commissioner’s Office...more
Welcome to this month's issue of The BR Privacy & Security Download, the digital newsletter of Blank Rome’s Privacy, Security & Data Protection practice. ...more
Do you transfer or receive personal data from the United Kingdom? If so, there are some important developments in the UK to factor into your data protection compliance program. In a major change of policy, some organizations...more
On June 4, 2021, the European Commission adopted a new, highly anticipated set of standard contractual clauses to facilitate the transfer of personal data out of the European Economic Area (“EEA”) in accordance with the...more
The UK government has confirmed that from Monday 16 August the rules on self-isolation for COVID close contacts will change for (a) the fully vaccinated (meaning all those who have had two vaccine doses, but only from 14 days...more
The United Kingdom’s Information Commissioner’s Office (ICO) finalized a new Code of Practice (the Code) in September 2020, which applies to most companies that offer online services to or otherwise collect personal data from...more
After the political and constitutional upheaval of the last four years that has been Brexit, a trade deal - the EU-UK Trade and Cooperation Agreement - was finally reached between the United Kingdom (UK) and the European...more
The British privacy protection agency (the Information Commissioner’s Office, or ICO) recently announced its intention to impose on international hotels chain Marriott a fine of about GBP 99 million for violating the GDPR,...more
The guidance clarifies the interplay between the PECR and GDPR and provides practical steps to achieving cookie compliance. The UK’s data protection supervisory authority, the Information Commissioner’s Office (ICO),...more
This post provides an update as to the current status of official GDPR-related guidance. With a little under a year remaining until the European Union’s General Data Protection Regulation (GDPR) becomes enforceable, companies...more
The Information Commissioner’s Officer (“ICO”) has issued a fine of £200,000, its largest ever penalty for nuisance calls, to Home Energy & Lifestyle Management Ltd. (“HELM”), a green energy company. HELM was investigated...more
Big data is now big business. In recent years, due to the exponential growth in the capability of technology to undertake data analytics on a massive scale, organisations have started to appreciate the potential hidden value...more