Insights & News
Search for Insights & News
11 September 2023
Even before the Digital Markets, Competition and Consumers Bill (DMCC Bill) completes its passage through the UK parliament, the UK Government is consulting on further consumer law reform. A key purpose of the legislation under review in the consultation is to ensure consumers are provided with timely and relevant information when making decisions.
31 August 2023
In July 2023, the Office of the Privacy Commissioner for Personal Data issued a revised guidance note on Data Breach Handling and Data Breach Notifications. The guidance note sets out practical recommendations on how data users can effectively prepare for and manage data breaches.
03 August 2023
The ICO released its first report on neurotechnology on 8 June: a fast-emerging tech that records and processes data directly from an individual’s brain and nervous system (“neurodata”).
27 July 2023
Like most of the ‘free’ internet, online social media are funded through online advertising that is tailored to individual users’ behaviour and interests. This decision of the CJEU in Case C-252/21 relates to one such platform, Meta, in respect of its online social network, Facebook. It is noteworthy for the advertising industry because it involves a competition authority determining data protection issues, and calls into question whether personalised advertising can be carried out by platforms on a basis other than consent.
24 July 2023
While we continue to wait for news from Whitehall on the UK government’s search for a “suitable legislative vehicle” to drive its proposed updates to the Network and Information Systems Regulations 2018 (NIS Regulations), we take a look at why the change is necessary to protect supply chains, what is proposed, and who it will likely affect – the focus being on providers of managed services. We also sum-up other key cybersecurity changes afoot, both in the UK and the EU, affecting participants in supply chains for services as well as hardware and software products.
13 July 2023
As usage of AI by businesses and individuals becomes commonplace around the world, governments are getting to grips with what regulations should be imposed.
Pseudonymous or anonymous, that is the question. Ali Vaziri writes for Privacy & Data Protection Journal
Press13 July 2023
The question of whether data are pseudonymous or anonymous is painfully familiar to those using AI to mine for ever-deeper insights from ever-larger datasets. The answer is not without consequence. If pseudonymous, the GDPR applies with all its restrictions. If anonymous, then it does not.
What do we do about our international data transfers following the IDPC’s 22 May 2023 Meta decision?01 June 2023
Further to the news of the long awaited Irish Data Protection Commission’s (“IDPC”) final decision in the Meta international data transfers inquiry, we make short comment below about what businesses (both controller and processor, and everything in between) might, and indeed can, consider doing in response.
Press31 May 2023
Ali Vaziri writes for Retail News to outline why cyber security is vital for the retail sector. Retailers are a rich source of sensitive data, tempting to cyber criminals and it is no surprise that there have been many high-profile cyber attacks affecting retailers so far in 2023. In this article, Ali discusses protecting your reputation and relationships, credential stuffing and how to detect security incidents.
30 May 2023
From April 2022 to March 2023, 15,848 complaints related to the right of subject access were reported to the Information Commissioner’s Office (ICO). Elanor McCombe, Policy Group Manager at the ICO, singles out employers as some of the main culprits – either misunderstanding the nature of subject access requests (SAR), or underestimating their importance.
09 April 2023
Concerns are growing about the privacy risks of using AI chatbots, including OpenAI's GPT-4.
Press Release03 April 2023
Four promoted from across the firm’s specialist practice groups.
23 March 2023
A recent decision has applied a wide interpretation of the legal proceedings exemption in the context of use of a non-party’s personal data in the Employment Tribunal.
Monitoring Employees’ Office Attendance in a Post Covid World: A Worldwide Issue – Key Data Privacy Issues17 March 2023
With different offices having been in or out of lockdown or experiencing varying degrees of restrictions, it has been near impossible for managers with direct reports in multiple locations to monitor their team’s compliance with whatever post-Covid return to the office policy a business might have (“RTO Policy”).
Press20 February 2023
For those hoping for a slightly quieter year in the world of data protection, the new year has already gone off with a bang and regulators are now turning their line of fire to personalised advertising.
Ad tech report - The Project X Institute - Recommendations for the European Addressable Advertising Ecosystem
Press23 November 2022
Ad tech report - Recommendations for the European Addressable Advertising Ecosystem
22 November 2022
Last year James Davies published a report the Eight Drivers of Change – the future of work for the Future of Work Hub. It identified eight key drivers of change in society as a whole, and in the workplace in particular. It considered how these interconnected drivers were accelerating change at an unprecedented scale and speed and how these changes were influencing the what, where, from where, when, how, how much/many, who and why of work.
Inbrief26 October 2022
Following the widespread experience of employees working from home during the Covid-19 pandemic, some employers are starting to implement hybrid working arrangements on a longer-term basis.
Is it light at the end of the (transfer) tunnel? US “Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities” (and other matters)26 October 2022
On 7 October 2022 there were two significant announcements in the world of international data transfers.
Digital Services Act (DSA) gets the green light – is your business ready for this ambitious new framework?20 October 2022
Against the backdrop of the explosion of digital services over the past few decades, an outdated legal framework for digital services dating back to 2000, an increasingly polluted information ecosystem and complex societal shifts which are making people more susceptible to misinformation and conspiracy, on 4 October 2022, the European Council approved the European Commission’s (EC) proposals on the DSA.