May Data Wrap: A snapshot of key regulatory developments

On 22 May 2023, following the adoption of a binding decision by the EDPB, the Irish Data Protection Commissioner (“DPC“) concluded its own-volition inquiry against Meta regarding the legality of international data transfers from Meta Ireland to the US. The DPC concluded that such transfers infringed the GDPR and directed Meta to suspend its transfers … Read more

March Data Wrap: A snapshot of key regulatory developments

March saw the UK Government recommence its efforts to reform the UK data regime by introducing the aptly named “Data Protection and Digital Information Bill (No.2)” to Parliament on 8 March 2023. The second draft bill supersedes the original version that was paused in September to allow ministers to rethink their approach and engage in … Read more

ICO publishes consultation on the AI and data protection risk toolkit

Executive Summary On 12 October 2021, the Information Commissioner’s Office (“ICO“) opened its consultation in relation to the use of the beta version of its AI and data protection risk mitigation and management toolkit (the “Consultation“). The Consultation runs until 1 December 2021 and the ICO is seeking responses from all industry sectors and from … Read more

EU Commission releases regulatory proposal to increase trust in AI

Key takeaways The European Union Commission released its long awaited proposed regulation of artificial intelligence on 21 April 2021 (see press release here), which sets out a risk-based approach to regulation designed to increase trust in the technology and ensure the safety of people and businesses above all. The regulation has extra-territorial scope meaning that … Read more

ICO PUBLISHES NEW DATA SHARING CODE OF PRACTICE

Executive Summary On 17 December 2020, the Information Commissioner’s Office (“ICO”) published a new Data Sharing Code of Practice (the “Code”). As nearly ten years have passed since the implementation of the previous data sharing code published by the ICO, the new Code has been updated to reflect key changes in data protection laws and … Read more

A change in approach to subject access? ICO Publishes Updated DSAR Guidance

Summary The ICO (the UK privacy regulator) has updated its guidance on data subject access rights, and the revised guidance appears to be aimed at giving organisations practical advice on managing and responding to subject access requests by including further detail and examples. Although the revised guidance has not changed dramatically, it is fair to … Read more

UK SWITCHES TO DECENTRALISED APPROACH TO CONTACT TRACING APP

In a move that marks a major U-turn for the Government, the UK’s proposals for a centralised contact tracing app have been abandoned in favour of a decentralised model. The new model is based on technology developed by Apple and Google and replaces the original app designed by NHSX, which recently has faced criticism due … Read more