The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
"Monsters Inc." y el tratamiento de los datos
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
[Webinar] You Are Here: First Steps in Data Mapping
Fintech Focus Podcast | What Does AI Safety Mean For Fintechs?
The FTC's Health Privacy Enforcement Actions
The FTC and DOJ Act Against Amazon to Protect Privacy
Law Brief®: Rich Schoenstein and Annmarie Giblin Discuss Cyber Law
Biometric Litigation
Podcast - The FTC Agenda & Data Privacy
Webinar Recording – The Colorado Privacy Act and Draft Rules
2022 DSIR Report Deeper Dive: Personal Data Deletion
Congress Tries to Wrangle Cyber and Crypto Industries
Who are the decision makers at INTERPOL's CCF?
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
On March 26, 2025, the UK data protection regulator (the Information Commissioner’s Office (“ICO”)) fined Advanced Computer Software Group Ltd (“Advanced”) £3.07 million (approximately $4 million). In 2022, Advanced suffered...more
The guidelines specify the requirements for data controllers to conduct risk assessments related to the transfer or disclosure of personal data outside the Kingdom. ...more
The Upper Tribunal (UT) has overturned a decision by the First-tier Tribunal (FTT), relating to a Monetary Penalty Notice (MPN) that was issued by the Information Commissioner (ICO). All of this stemmed from a cyber-attack...more
In October 2024, the UK government introduced the Data (Use and Access) Bill (the Data Bill) to Parliament. The Data Bill represents a third attempt by UK ministers to bring about reforms to the UK’s data protection and...more
The children’s privacy and online safety regulatory landscape is evolving quickly. To keep up, companies subject to U.K. law should understand their users, enhance safety features and conduct risk assessments, all while...more
Introduction The UK’s Online Safety Act (OSA) imposes extensive obligations on certain types of online service providers to protect users from illegal and harmful content. A key focus of the OSA is the protection of children...more
The Information Commissioner’s Office (ICO), the UK’s data protection regulator, has published an opinion on age assurance for internet society services (ISS). The opinion aims to explain how a company can use technology in...more
In part one of our series "FemTech: how this growing industry can build trust, protect privacy and redress healthcare inequity… one app at a time", we take an introductory look at the industry, and offer some...more
The Information Commissioner’s Office (ICO) launched a campaign called ‘Think. Check. Share’ (the Campaign) on 29 January 2024, to promote responsible data sharing to safeguard children. The Campaign aims to provide...more
There’s so much activity around generative AI! This is a hot topic for us data privacy folks as it presents new challenges for the protection of personal data. Call us sad, but we get very excited about it!...more
The U.K. Data Bridge extension to the EU-U.S. Data Privacy Framework (“DPF”) was formally green-lighted by the U.K. Government on 12 October 2023....more
Beginning October 12, 2023, the UK-U.S. Data Bridge will allow UK companies to transfer personal data to the United States using the new EU-U.S. Data Privacy Framework....more
The UK government has announced the UK extension to the EU-US Data Privacy Framework, known as the UK-US data bridge. The new framework will allow businesses to transfer personal data between the United Kingdom and the United...more
Orrick's Founder Series offers monthly top tips for UK startups on key considerations at each stage of their lifecycle, from incorporating a company through to possible exit strategies. The Series is written by members of our...more
The UK Information Commissioner’s Office (“ICO”) has published a report on the evolving nature of neurotechnology and its implications for data protection laws. The report highlights the risks of neurotechnology and sets the...more
Summary - On July 10, 2023, the European Commission issued an adequacy decision for the EU-U.S. Data Privacy Framework (“EU-U.S. DPF” or “DPF”). The decision concludes that the U.S. ensures an adequate level of protection...more
On June 8, President Biden presented an agreement in principle to allow for the free flow of data between the U.S. and the UK. Announced as part of the administration’s “Atlantic Declaration for a Twenty-First Century U.S.-UK...more
A challenging economic situation is prompting contentious staffing decisions. The rise of hybrid work has led employers to generate more information in more places about employees. Against this backdrop, more employees are...more
For most large companies, a frictionless flow of information and the ability to transfer customer data, employee files, financial records and other information around the world quickly and cost-effectively is a critical...more
On 8 March 2023, the UK Department for Science, Information and Technology (DSIT) published the Data Protection and Digital Information (No.2) Bill (DPDI 2) which provides an update to the Government's reforms to the UK data...more
The UK’s new Code of Practice for App Store Operators and App Developers provides companies with privacy-related resources. It also highlights ICO privacy expectations. Participating in the code is done by voluntarily...more
The British Virgin Islands ("BVI") Data Protection Act, 2021 ("DPA") came into force on 9 July 2021. It was introduced so the BVI would have a data protection framework which is broadly similar to EU and UK standards. To...more
2022 was yet another eventful year in terms of GDPR compliance. The continued evolution of the enforcement landscape, with increasing number of sanctions and individuals exercising their rights required time and attention...more
Colorado Department of Law Issues Draft CPA Revisions - On December 22, the Colorado Department of Law issued updates to the draft Colorado Privacy Act (CPA) rules. These revisions build on written comments and feedback from...more
Areas of interest include anonymisation, “recognised legitimate interests”, and the ICO’s role. The UK Data Protection and Digital Information Bill (the Bill) sets out the government’s proposals for reforming the current...more