News & Analysis as of

Information Commissioner's Office (ICO) UK GDPR

IR Global

UK Data Reform: What Businesses Need to Know About the Data (Use and Access) Bill

IR Global on

The UK's data protection landscape is undergoing significant transformation with the progression of the Data (Use and Access) Bill through Parliament. Officially titled the Data Protection and Digital Information Bill, this...more

Skadden, Arps, Slate, Meagher & Flom LLP

UK GDPR Regulator Fines Data Processor After Ransomware Attack

Skadden, Arps, Slate, Meagher & Flom LLP on

On 27 March 2025, the UK Information Commissioner’s Office (ICO) issued a £3.07 million fine to an IT services provider following a ransomware attack in 2022 that affected the company’s health care business. The ransomware...more

Cooley LLP

ICO Releases ‘Consent or Pay’ Guidance

Cooley LLP on

What happened? The UK Information Commissioner’s Office (ICO) has released updated guidance on ‘consent or pay’ business models. These models present users with a choice to either consent to the processing of their...more

DLA Piper

Google’s U-Turn on Device Fingerprinting: ICO’s Response and Subsequent Guidance

DLA Piper on

In a December, the Information Commissioner’s Office (ICO) responded to Google’s decision to lift a prohibition on device fingerprinting (which involves collecting and combining information about a device’s software and...more

BCLP

Out With the Old and In With the New - The Data (Use and Access) Bill

BCLP on

On 23 October 2024, the Data (Use and Access) Bill (the “DUAB”) was introduced to Parliament. The DUAB is the Labour government’s answer to the perceived shortfalls of the since-abandoned Data Protection and Digital...more

A&O Shearman

UK AI: existing regulators take the lead

A&O Shearman on

As further initiatives come in to play and legislation is on the horizon, existing regulators (such as the ICO, CMA, Ofcom and FCA) continue to press on with their approach to AI regulation, including through the Digital...more

King & Spalding

UK Government Introduces New Data (Use and Access) Bill

King & Spalding on

On October 23, the UK Government’s House of Lords had its first reading of a new proposed data protection bill, the Data (Use and Access) Bill (“DUA Bill”), as sponsored by the Department of Science, Innovation, and...more

A&O Shearman

When does payment card data qualify as personal data? English Court gives new guidance on this question

A&O Shearman on

The Upper Tribunal (UT) has overturned a decision by the First-tier Tribunal (FTT), relating to a Monetary Penalty Notice (MPN) that was issued by the Information Commissioner (ICO). All of this stemmed from a cyber-attack...more

BCLP

UK HR Two Minute Monthly: October 2023

BCLP on

Our October update includes a significant Supreme Court decision on how to treat historic underpayments of holiday pay, a preliminary tribunal hearing on whether a belief in race equality that opposed critical race theory was...more

Akin Gump Strauss Hauer & Feld LLP

Final Call to Respond to ICO’s Consultation on Biometric Data

Akin Gump Strauss Hauer & Feld LLP on

The Information Commissioner’s Office (ICO), the personal data protection authority in the United Kingdom (UK), is running a public consultation on its draft guidance on biometric data which covers the requirements under the...more

Eversheds Sutherland (US) LLP

Data transfers update: New data bridge available to facilitate UK-US data transfers from 12 October 2023 - despite “qualified”...

Eversheds Sutherland (US) LLP on

Why should I read this? A new UK-US data bridge will be available to businesses in the UK looking to transfer personal data to organizations in the United States certified under the UK Extension to the EU-US Data Privacy...more

Orrick, Herrington & Sutcliffe LLP

Data Subject Access Requests from Employees: What UK Employers Need to Know About New ICO Guidance

Orrick, Herrington & Sutcliffe LLP on

A challenging economic situation is prompting contentious staffing decisions. The rise of hybrid work has led employers to generate more information in more places about employees. Against this backdrop, more employees are...more

Latham & Watkins LLP

UK Data Protection and Digital Information (No. 2) Bill: What Is Changing?

Latham & Watkins LLP on

The updated reform legislation provides welcome guidance and clarifications on aspects such as legitimate interests and accountability, without substantially shifting the approach proposed under the existing reform bill. ...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

Bill in U.K. Parliament Would Facilitate Certain Types of Data Processing by Redefining ‘Personal Data’ Parameters

Ogletree, Deakins, Nash, Smoak & Stewart,... on

On March 8, 2023, the Data Protection and Digital Information (No. 2) Bill was introduced to the UK Parliament by the Department for Science, Innovation and Technology (DSIT). If enacted, the Bill will make changes to the UK...more

BCLP

Ransomware - why paying up earns no credit with the UK's Data Protection Authority and others

BCLP on

In a joint letter this summer, the UK’s data protection regulator (the ICO) and the UK’s National Cyber Security Centre (the NCSC) sought to convey some key messages to the legal profession relevant to advising clients...more

Benesch

New UK Cross-Border Data Transfer Mechanisms sent to Parliament for Approval

Benesch on

The new mechanisms, which are likely to pass Parliament, will become effective on March 21, 2022 and will require businesses and organizations to review existing and new contracts. The Information Commissioner’s Office...more

Mintz - Privacy & Cybersecurity Viewpoints

The New UK International Data Transfer Agreement Is Ready To Go From March 21, 2022

Mintz - Privacy & Cybersecurity Viewpoints on

The UK Information Commissioner’s Office (ICO) has just published the final form of its much-anticipated new International Data Transfer Agreement (IDTA), along with a separate addendum to the EU SCCs (SCCs Addendum). The...more

BCLP

The Data & Brexit Digest - Data protection representatives

BCLP on

With the UK unambiguously out of the EU, this fourth and final installment of our Data & Brexit Digest explores the topic of appointed representatives under Article 27. What is an Article 27 representative? The...more

BCLP

The Data & Brexit Digest – Drafting tips for contracts and policies

BCLP on

With the UK now unambiguously out of the EU, the EU General Data Protection Regulation (2016/679) (“EU GDPR”) has been replaced by the United Kingdom General Data Protection Regulation (“UK GDPR”). In this third instalment of...more

Akin Gump Strauss Hauer & Feld LLP

U.K. Privacy Regulator Clarifies How U.K. Firms May Respond to SEC Document and Records Requests

Akin Gump Strauss Hauer & Feld LLP on

Key Points The United States Securities and Exchange Commission (SEC) is able to make requests of U.K. firms (including U.K. branches of non-U.K. firms) to provide books and records and other documents of SEC regulated...more

20 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide