Regulatory

Subscribe to Regulatory via RSS

On 19 September, the Department for Science, Innovation and Technology (DSIT) announced in a press release that it is to launch a pilot advisory service next year, called the DRCF AI and Digital Hub.

This service will be operated by members of the Digital Regulation Cooperation Forum (DRCF), made up of the Information Commissioner’s Office (ICO), the Office of Communications (Ofcom), the Competition and Markets Authority (CMA) and the Financial Conduct Authority (FCA).

The DRCF AI and Digital Hub will provide businesses with tailored advice and support regarding how to meet requirements across multiple regulatory regimes. The DSIT anticipates that this service will expedite the process of getting new products and innovations to market, in a safe and responsible manner.

As such, the launch of the DRCF AI and Digital Hub will likely be welcome news for businesses across the UK, providing companies and innovators with the tools to navigate a challenging and multi-layered regulatory environment.Continue Reading DRCF to launch AI and Digital Hub regulatory advice pilot in 2024

Further to the joint announcement in June by UK Secretary of State for Science, Innovation, and Technology and the US Commerce Secretary of their intention to create a UK-US data bridge (please see our blog for further details), the UK government has passed a Regulation establishing a UK-US data bridge. The data bridge comes in the form of an extension to the EU-US Data Bridge Privacy Framework (the DPF) and will come into force on 12 October.Continue Reading UK government announces a UK data bridge with the US

On 11 September 2023, the UK’s Department for Science, Innovation, and Technology (DSIT), published the draft Data Protection (Fundamental Rights and Freedoms) (Amendment) Regulations 2023 (DP Regulations), which seek to amend the UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018 (DPA 2018).Continue Reading DSIT publishes draft amendments to the UK GDPR and DPA 2018

On 9 August 2023, the Information Commissioner’s Office (ICO) and the Competition and Markets Authority (CMA) published a joint position paper on Harmful Design in Digital Markets (Harmful Designs Paper) that urges businesses to stop using harmful website designs that exploit customers by encouraging them to provide more personal data than necessary. The regulators are

The Summer 2023 Edition of the quarterly IT & Data Protection Newsletter by Reed Smith Germany has just been released:

English version
German versionContinue Reading Get your Update on IT & Data Protection Law in our Germany Newsletter (Summer 2023 Edition)

Please click here to access the source post from our Global Regulatory Enforcement Law Blog.

In this blog, the authors delve into a significant decision by the German Federal Cartel Office (FCO) four years ago, accusing a major technology company of abusive behavior due to alleged violations of the General Data Protection Regulation (GDPR). Recently

The Information Commissioner’s Office (ICO) has published a report on reprimands issued in the second quarter of the year, from April to June 2023. The recent reprimands by ICO shed light on areas of data protection where organizations across the public and private sectors have fallen foul of the UK GDPR and are instructive as to how organisations can improve their practices. Our blog focuses on three key lessons gleaned from these reprimands.Continue Reading Three lessons from ICO’s quarterly enforcement report

The UK Department for Culture, Media and Sport published draft Product Security and Telecommunications Infrastructure (Security Requirements for Relevant Connectable Products) Regulations 2023 (Draft Security Regulations). These regulations fall under the Product Security and Telecommunications Infrastructure Act 2022 (PSTIA) which come into effect on 29 April 2024 and which you can read about in our earlier blog. Part 1 of the PSTIA establishes a regulatory framework that imposes security requirements on manufacturers, importers, and distributors of these products. The Draft Security Regulations outline the specific security requirements for manufacturers.Continue Reading Navigating the Path to Compliance: Takeaways from the New Draft Security Regulations for Connected Devices

The UK’s new Product Security and Telecommunications Infrastructure Act 2022 will take effect on 29 April 2024, and will require manufacturers to implement minimum-security standards on all consumer products with internet or network connectivity, such as smartphones, smart meters, CCTV cameras, smart speakers, games consoles, smart doorbells, and medical devices and wearables before they can be made available for purchase.Continue Reading From Smartphones to Alarm Systems: UK Mandates Minimum Security for Connected Devices

Digital Markets Act: Developments since its proposal  

Following the European Commission’s initial proposal of the Digital Markets Act (DMA) in December 2020, its adoption by the European Parliament in March 2022 and the entry into force on November 1, 2022, the DMA will finally apply from May 2, 2023. The DMA contains a list of obligations and prohibitions, subject to fines, that core platform services (CPS) provided by so-called gatekeepers must comply with in their daily operations. CPS should therefore be assessed at an early stage regarding whether or not they fall within the scope of regulation of the DMA.

As is set out in the following, the DMA poses significant business challenges for (potential)
gatekeepers, which should be addressed in a legally sound, comprehensive and systematic manner in order to prevent disruptions to the relevant businesses. Continue Reading Countdown to compliance: The DMA to apply to digital gatekeepers from May 2, 2023