Implementation of the new EU standard contractual clauses and obligation to undertake a “TIA” – are you prepared?

The new EU standard contractual clauses (New EU SCCs) came into force on 27 September 2021 for the transfer of personal data from the EEA to third countries under the EU General Data Protection Regulation (EU 2016/679) (GDPR). The European Commission Implementing Decisions (2001/497/EC and 2010/87/EU), which incorporated the previous standard contractual clauses (Old EU SCCs), were repealed on that day.

Supreme Court finds claim for compensation under data protection legislation cannot proceed on “opt-out basis” in high profile Lloyd v Google case

In its judgment this morning the Supreme Court has overturned the Court of Appeal's decision in the high profile Lloyd v Google case, which would have opened the floodgates for class actions for compensation for loss of control of personal data to be brought on behalf of very large numbers of individuals without identifying class members: Lloyd v Google LLC [2021] UKSC 50.

The other not so mega ‘mega fine’: ICO fines Marriott £18.4 million in relation to Starwood Hotel’s 2014 data breach

Summary: The ICO has fined Marriott Inc (“Marriott”) £18.4 million in relation to a 2014 cyber-attack on Starwood Hotels. The ICO had previously issued a notice of its intention to fine Marriott £99.2 million. The Penalty Notice does not explain the reasons why the final fine is considerably lower than this amount. Following the ICO’s …

US Senate confirms Permanent Ombudsman for the EU-US Privacy Shield Agreement

On 20 June 2019, the US Senate confirmed Keith Krach as the Under Secretary of State for Economic Growth, Energy, and the Environment. As part of that role, Krach will serve as the permanent Ombudsman for the EU-US Privacy Shield agreement. The EU-US Privacy Shield is a framework that regulates transatlantic exchanges of personal data …