GDPR

UK Ranks Second Highest in GDPR Fines

A new report from cybersecurity company ESET found that the UK ranks second highest in average GDPR fine value ($10 million), despite issuing the lowest number (five) of GDPR fines in the EU. Spain issued the highest number of fines (273), while Luxembourg issued the highest value fines.  The report found that more than 650…
Read More
UK

UK Proposes Reforms to Data Protection Laws

On 10 September 2021, the UK Government’s Department for Digital, Culture, Media, and Sport (DCMS) published its long-awaited proposals for reform of the country’s data protection laws. The consultation paper includes a detailed and comprehensive set of suggested amendments to the UK GDPR, Data Protection Act 2018, and Privacy and Electronic Communications Regulations (PECR), with…
Read More
Securities Exchange Commission

Switzerland and United Kingdom Issue Guidance for Data Transfers to SEC 

Businesses and organizations registered with the U.S. Securities and Exchange Commission are often required to share personally identifiable information (PII) with the regulatory body.  But for entities that have operations outside of the U.S., complying with SEC requests has created a legal conundrum since the European Court of Justice’s Schrems 2.0 ruling–which invalidated the EU-U.S.…
Read More

EU Releases Draft Decision on UK Data Privacy Standards

Since the start of 2021, post-Brexit data relationships between the European Union and the United Kingdom have been governed by The EU-UK Trade and Cooperation Agreement, which established a 4-6 month temporary period where data could flow freely between the two jurisdictions.  Beyond that, the future was unclear. The grace period could have been extended…
Read More

A Guide to The New Brexit Trade Agreement

The long-awaited Brexit agreement is here. The EU-UK Trade and Cooperation Agreement, which details the conditions of the UK’s relationship with the EU, took provisional effect on January 1, 2021. The agreement’s free trade and security frameworks have many data privacy implications--here’s what you need to know. Not Many Changes…For Now  When Brexit was voted…
Read More

2020 News in Review

Week Ending December 28  ICO Warns SolarWinds Victims to Report Breaches  The United Kingdom’s Information Commissioner’s Office (ICO) has issued a warning to organizations compromised by the SolarWinds breach. The breach, which was carried out by Russian hackers, affected more than 18000 organizations worldwide. ICO requires UK data controllers subject to NIS regulations to report…
Read More
Data Privacy Artificial Intelligence

ICO (UK) and Turing Institute Publish Draft Guidance on Explaining Artificial Intelligence Decisions

Artificial intelligence – technology that makes decisions in a way that mimics human decision-making, but with much larger and more complex sets of data – has the ability to transform nearly every aspect of modern life. In many ways it already has. From teaching cars how to self-pilot to helping banks identify money laundering schemes,…
Read More
Back To Top