China’s first regulation on children’s online privacy

The Cyberspace Administration of China (CAC) has, for the first time, issued legislation dedicated to protecting child privacy online. The Regulation on Protection of Children’s Personal Information Online is due to take effect on 1 October 2019. Read more

‘MEGA-FINES’ AND COMPENSATION – HOW MIGHT COMPANIES BE AFFECTED? DEVELOPMENTS IN DATA PROTECTION LAW SEPTEMBER 2019

In this update, we provide you with a brief summary of two recent developments in relation to sanctions imposed under the General Data Protection Regulation (“GDPR”). Firstly, the Berlin Data Protection Authority (“Berlin DPA”) recently announced its willingness to impose multimillion-euro fines for breaches of the GDPR. This shows that also in Germany significant fines … Read more

A Clearer Roadmap to Recovery: the roles of NCSC and ICO clarified at CYBERUK

The National Cyber Security Centre (NCSC) and the Information Commission Office (ICO) have clarified their roles in relation to breaches of cyber security.  NCSC manages cyber incidents at a national level to prevent harm being caused to both victims and the UK overall. It helps manage the response at a governmental level and seeks to … Read more

ICO explores bias and discrimination in AI

A recent post on the ICO’s AI Auditing Framework blog explores human bias and discrimination in AI systems, together with some of the technical and organisational measures which can be implemented to mitigate the legal risks associated with these issues. Read more

A year in the life of GDPR: Statistics and stories from the ICO

The introduction of the GDPR on 25 May 2018 caused a widespread re-think about data protection and privacy rights. From individuals being more aware of their rights, to corporate institutions working hard to ensure compliance and avoid the hefty new penalties the regulations can impose, data protection has undoubtedly been at the forefront of people’s … Read more

Schrems II heard in Europe: potential huge impact on global data transfers

The Court of Justice of the European Union (“CJEU“) has heard oral submissions in the latest case questioning the legal validity of international data transfer mechanisms under the GDPR, such as Standard Contractual Clauses and the EU-US Privacy Shield; The Irish Data Protection Commissioner (“DPC“) is seeking a ruling that would find the so-called Standard … Read more