Privacy & Data Protection

On 25 March 2024, Ofcom called for evidence for the third phase of its online safety regulations. This call for evidence will culminate in Ofcom’s third consultation paper, which will act as guidance for service providers to ensure compliance with the Online Safety Act (“OSA”). 

The third phase of online regulations introduces further

Although it’s been 2 years since the Dobbs v. Jackson Women’s Health decision from the Supreme Court, various state legislatures and courts have tried to define the new post-Roe landscape. This effort includes new and revised laws to amend existing privacy laws to protect consumer health data. You can find out more on our

The German Federal Ministry for Digital and Transport (Bundesministerium für Digitales und Verkehr – BMDV) has drawn up a new draft bill which shall introduce:

  • (i) a statutory obligation for providers of number-independent interpersonal communication services (e.g. instant messaging services) to allow their users to use end-to-end encryption (“E2EE”), and (ii) a statutory transparency obligation for such providers to inform their users accordingly; and
  • a statutory transparency obligation for providers of certain cloud services to inform their users about how to use continuous and secure encryption (“Draft Bill”).

The Draft Bill (status 7 February 2024), which does not have any basis in EU law, is available here (German content).Continue Reading Germany’s government plans to introduce a statutory ‘right to encryption’ for users of messaging and cloud storage services

With cybersecurity becoming a board-level issue, compliance officers, lawyers, board members, and business drivers are looking for official guidance or recommendations on cybersecurity measures to protect business, customers, and the wider economy.Continue Reading Cybersecurity preparedness: What guidance to follow?

On Monday, January 29th, we celebrated Global Data Protection Day by delivering an exciting webinar highlighting the latest data protection laws and bills that might influence your business.

Please see below our webinar recording featuring our data protection specialists, and learn tips and tricks for successfully navigating the evolving landscape of data protection.

Download

On 17 October 2023, the First-Tier Tribunal of the General Regulatory Chamber – Information Rights (the Tribunal) handed down its decision in Clearview AI Inc v The Information Commissioner [2023] UKFTT 819, overturning the £7.5 million fine levied on Clearview AI Inc. (Clearview) by the ICO last year.Continue Reading Clearview AI Inc., successfully appeals £7.5 million fine from the ICO but the ICO is fighting back!

On 26 October 2023, the UK adopted the Online Safety Act 2023, which introduces new obligations for online platforms to improve user safety online by ensuring content that is illegal and harmful is monitored and removed. We previously compared the Act in its draft form with the EU Digital Services Act here and will be updating the table soon.Continue Reading The UK Online Harms Bill becomes the Online Safety Act

Currently there are two trends on cookie consent banner design – either (1) the “Accept All” and “Reject All” options are shown in the first layer of a cookie consent management solution, or (2) only the “Accept All” option is shown in the first layer together with a link to the second layer of the cookie consent management solution where the user can reject to the use of non-essential cookies. There is more clarity on the views of the UK data protection authority on whether a “Reject All” option in the first layer of a cookie consent management solution is required.Continue Reading “Reject All” button in cookie consent banners – An update from the UK and the EU

On 3 October 2023, the UK Information Commissioner’s Office organised its annual Data Protection Practioner’s Conference 2023 (DPPC 2023). This year its focus was on Cybersecurity – a topic that concerns organisations across the board. Here are the takeaways from the DPPC 2023 (the event sessions available here).Continue Reading The UK Information Commissioner’s Data Protection Practioner’s Conference 2023 on Cybersecurity

On 3 October 2023, the Information Commissioner’s Office (ICO) published guidance (the Guidance) on lawful monitoring in the workplace. The Guidance provides advice to companies to help them comply with their obligations under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA 2018) when monitoring anyone who performs work on their behalf. This is not limited to employees and could include monitoring of workers or those who are self-employed.Continue Reading UK Workplace monitoring – are you compliant?