On 9 November 2023, the UK Office of Communications (Ofcom) issued its first set of draft guidance on the UK’s long-anticipated Online Safety Act (OSA), which aims to protect online users against illegal and harmful content....more
The Information Commissioner’s Office (ICO), the personal data protection authority in the United Kingdom (UK), is running a public consultation on its draft guidance on biometric data which covers the requirements under the...more
The UK has approved the UK-U.S. Data Bridge facilitating flows of personal data to U.S. entities that have self-certified to the EU-U.S. Data Privacy Framework (‘DPF’), provided that those entities extend their DPF...more
FTC Finalizes Settlement with 1Health.io For Allegations It Failed to Protect Customers’ DNA Data - On September 6, 2023, the Federal Trade Commission’s agreement with the genetic testing firm 1Health.io Inc. – formerly...more
On 18 August 2023, the UK’s Information Commissioner’s Office (“ICO”) published draft guidance on biometric recognition (the “Draft Guidance”) for public consultation. The Draft Guidance explains how data protection law...more
FTC Settles with Experian for Alleged Customer Spamming - On August 14, 2023, the Federal Trade Commission (“FTC”) announced a proposed settlement involving Experian Consumer Services (“Experian”). A federal court entered...more
A challenging economic situation is prompting contentious staffing decisions. The rise of hybrid work has led employers to generate more information in more places about employees. Against this backdrop, more employees are...more
On March 8, 2023, the Data Protection and Digital Information (No. 2) Bill was introduced to the UK Parliament by the Department for Science, Innovation and Technology (DSIT). If enacted, the Bill will make changes to the UK...more
On March 8, 2023, the U.K. Secretary of State for Science for Innovation and Technology announced the publication of the Data Protection and Digital Information (No.2) Bill. This new version of the Data Protection and Digital...more
The UK government has recently published proposals to amend UK data protection legislation with moves towards divergence from EU rules and regulation following the UK’s decision to leave the EU (“Brexit”). The Data Protection...more
UK government sets out ambitious proposal for reforming the UK data protection landscape. On 17 June 2022, the Department for Culture, Media and Sport (DCMS) published its response to its consultation “Data: a new...more
On 17 June 2022, the UK government published its refined plans for reforming UK data protection law, following a detailed consultation exercise undertaken last year. The proposals form part of wider changes to the UK...more
The UK Information Commissioner’s Office (ICO) has just published the final form of its much-anticipated new International Data Transfer Agreement (IDTA), along with a separate addendum to the EU SCCs (SCCs Addendum). The...more
The Supreme Court of the United Kingdom has delivered its long-awaited decision in the case of Lloyd [2021] UKSC 50, rejecting an attempt to bring a representative claim for compensation for "loss of control" over personal...more
The guidance outlines how organisations should approach international transfers and confirms examples of supplemental measures that can be adopted to ensure ongoing compliance and seeking to de-mystify earlier uncertainty. ...more
With the end of the Brexit transition period around the corner, companies doing business in the EU and UK must prepare for data protection change – and not only international data transfers. Our Privacy & Data Security Team...more