Search results
905 results ordered by
Irish DPC fines LinkedIn €310m for behavioural analysis and targeted advertising breaches
How certain do data controllers need to be of their lawful basis for processing personal data when engaging in behavioural analysis and targeted advertising, and how clearly must this be reflected in a privacy policy?
Read moreUK's new AI Cyber Security Code of Practice
What is the UK's proposed AI Cyber Security Code of Practice?
Read moreEU AI Act into force 1 August 2024
The EU AI Act came into force across all 27 EU member states on 1 August 2024. The aim of the legislation is to ensure AI systems used in the EU are safe and transparent.
Read moreNew Minister for Data Protection Sir Chris Bryant
On 8 July 2024, the Government appointed Sir Chris Bryant as the Minister of State for Data Protection and Telecoms (as well as Minister of State for Creative Industries, Arts and Tourism).
Read moreSocial media and video sharing platforms targeted by ICO over children's privacy practices
What must social technology platforms be aware of to ensure they are following the ICO's codes of practice for children's online safety?
Read moreUber hit with €290m fine for transferring European driver data to its US HQ
What does the Uber fine signal for international data transfers and the consequences of failing to comply with the EU General Data Protection Regulation (EU GDPR)?
Read moreX suspends personal data training of AI chatbot Grok following Irish DPC pressure
How are the data regulators addressing the use of personal data when training AI language models?
Read moreThe UK's Digital Information and Smart Data Bill
What can we expect from the new Digital Information and Smart Data Bill (the DISD Bill)?
Read morePart 6 – Practical Considerations
AI focussed actors and providers have been focussing on their forthcoming AI obligations and on governance for some time, but it is now prudent for the majority of organisations to assess how their use of AI will come within the scope of regulation in key territories and become familiar with each regime (and devise a means to keep up with the anticipated fast moving changes). Planning for the costs of compliance and for AI governance including systems and procedures for data retention and record keeping should also be part of current business strategy together with building expertise on AI internally and identifying trusted advisors from the "noise" of what is being offered externally.
Read morePart 4 – AI Regulation in Asia
This is Part 4 of 'Regulation of AI – raising the trillion dollar bAIby'
Read more“Consent or pay” models under scrutiny in UK and EU
Are “consent or pay” business models compliant with data protection law?
Read moreICO forces Serco Leisure to stop using facial recognition technology for employees
In what circumstances can facial recognition technology (FRT) be acceptable to monitor employees in the workplace?
Read moreOfcom and ICO to collaborate on Online Safety and Data Protection
How are the data protection and broadcasting regulators collaborating to regulate online services from a safety and privacy perspective, and what does this mean for businesses and services regulated by both bodies?
Read moreICO publishes guidance on content moderation
What steps should businesses operating content moderation systems in the UK be taking to comply with new guidance published by the UK’s Information Commissioner (ICO)?
Read moreThe ICO’s strategic approach to regulating AI
How can the ICO’s recently published AI strategy paper help businesses navigate the evolving AI regulatory landscape, particularly in respect of data protection principles?
Read moreNew development: DPDI Bill fails to become law
The Data Protection and Digital Information Bill (DPDIB), the proposal for post-Brexit data protection laws in the UK, did not pass through Parliament before its dissolution on 24 May 2024 ahead of the general election on 4 July 2024. This means that the DPDIB has failed to become law and any proposals for data reform in the UK will largely need to start afresh in the new Parliament.
Read moreThe Role of AI in Disputes
While lawyers have had various forms of AI available to them for years, it is generative AI and the development of large language models (LLMs) which is likely to represent a fundamental shift for dispute resolution. This technology now offers language capabilities that have never been seen before, and is likely to transform the way lawyers conduct proceedings.
Read moreWhat is AI and why is it topical?
Whilst there is no universal definition of what constitutes artificial intelligence, at its core, AI refers to the simulation of human intelligence in machines that are programmed to think and learn like humans. This encompasses the ability to reason, learn from experience, understand complex concepts, interact with their environment and look to solve problems.
Read moreDepartment for Science, Innovation and Technology consults on proposed data infrastructure statutory framework
What statutory obligations could the Department for Science, Innovation and Technology’s (DSIT) proposed statutory framework impose on UK data centre providers?
Read moreICO publishes updates to its guidance on Transfer Risk Assessments
How will recent updates to the Information Commissioner’s Office’s (ICO) guidance on Transfer Risk Assessments (TRAs) affect how UK organisations conduct their TRAs?
Read moreNew ICO guidance on content moderation and data compliance
How can organisations using content moderation technologies and processes best comply with data protection laws?
Read moreICO launches consultation series on generative AI and data protection
What is the Information Commissioner’s Office’s (ICO) intended approach to developing guidance on how data protection law should be applied to the development and use of generative AI?
Read moreCJEU rules on what constitutes “automated decision-making” under the GDPR
Does the production of a credit score constitute “automated decision-making” for the purposes of Article 22 of the EU General Data Protection Regulation (GDPR)? What wider impact will this have for AI technologies?
Read moreEDPB adopts opinion on “main establishment” of a controller in the EU
What is meant by “main establishment” under article 4(16)(a) of the GDPR for the purposes of determining the application of the one-stop-shop mechanism?
Read moreICO warns UK’s most visited websites to improve cookie choices
What steps is the ICO taking to ensure that website cookie banners are compliant with law?
Read moreNew Development: EU Data Act published in Official Journal
The EU Data Act (the Act) came into force on 11 January 2024. The Act sets out rules regarding the fair access to and use of data, aiming to enhance the data economy for individuals and businesses by overcoming barriers to data sharing and establishing frameworks around data access and use.
Read moreICO fines HelloFresh £140,000 after 7-month spam marketing campaign
Where did HelloFresh go wrong with their email and text marketing campaign and what lessons can be learned from the ICO’s investigation and subsequent fine?
Read moreICO issues preliminary enforcement notice against Snap for its “My AI” Chatbot
How can organisations who wish to join to the world of generative AI ensure that they adequately assess the risks from the perspective of the Information Commissioner’s Office (ICO)?
Read moreNew Development: EDPB provides clarification on tracking techniques covered by the ePrivacy Directive
On 14 November 2023, the European Data Protection Board (EDPB) adopted a set of new guidelines (the Guidelines) on the technical scope of Article 5(3) of the ePrivacy Directive (the ePD).
Read moreClearview AI cleared of £7.5m ICO fine for processing data outside the UK
Just how did the processing of personal data by Clearview AI (Clearview) fall outside the scope of UK GDPR?
Read moreICO publishes guidance to ensure lawful monitoring in the workplace
How can employers monitor their workers whilst maintaining their trust and complying with data protection regulation?
Read moreICO publishes its draft “Data Protection Fining Guidance” for public consultation
How will the Information Commissioner’s Office (ICO) calculate the amount of a fine under the UK GPDR and the Data Protection Act (DPA) 2018?
Read moreEU Advocate General’s opinion on data subjects’ rights to compensation for non-material damage under the GDPR
Does the theft of an individual’s sensitive personal data by a wrongdoer give rise to compensation for non-material damage under Article 82 EU General Data Protection Regulation (GDPR), if the wrongdoer has not used, or taken steps to use, the sensitive personal data for any purpose?
Read moreICO updates its guidance on AI and data protection
What are the key data protection principles which the Information Commissioner’s Office (ICO) expects organisations to follow when integrating AI into their product and service offerings?
Read moreFCA consults on new reporting obligations for (i) incidents and (ii) third party arrangements
On 13 December 2024, the FCA published consultation paper CP24/28 (the CP) on proposals for firms to report on operational incidents and, separately, on material third party arrangements. The CP mirrors similar proposals put forward by the PRA and Bank of England on the same day and is designed to align with current international standards (e.g. the EU Regulation on digital operational resilience (DORA)).
Read moreTelecoms supply agreement excludes "loss of profit" claim under "anticipated profits" liability exclusion (EE v Virgin Mobile)
In line with a number of recent cases, in EE Limited v Virgin Mobile Telecoms Limited [2023] EWHC 1989 (TCC) the courts have shown that parties generally cannot avoid clear wording contained in exclusion clauses in order to recover losses that have been expressly excluded (in this case, loss of profits).
Read moreRolls-Royce entitled to hit the brakes in dispute over termination of a software services agreement (Topalsson v Rolls-Royce)
In Topalsson GmbH v Rolls-Royce Motor Cars Limited [2023] EWHC 1765 (TCC), the High Court has provided useful guidance on how to determine whether a software implementation timeline agreed by the parties is binding, when implementation is considered complete and in what circumstances failing to complete implementation by the contractual deadlines entitles the customer to terminate the contract.
Read moreA narrow escape – software services provider entitled to rely on single aggregate liability cap (Drax v Wipro)
When it comes to bespoke software development projects, a lot can go wrong. There's risk for the customer such as project delays, software defects, functionality issues and a lack of meeting of minds in terms of project requirements.
Read moreNew Development: National Cyber Security Centre warns AI is likely to heighten global ransomware threat
The National Cyber Security Centre (NCSC), part of GCQH, has published a report on the “near-term impact of AI on the cyber threat” over the next two years, which concludes that: (i) AI is already being used in cyber activity in a malicious way; and (ii) the volume of cyber attacks and the global ransomware threat are likely to be heightened over the next two years.
Read moreUK Government publishes response to AI White Paper consultation
What approach has the UK Government’s adopted in its response to the consultation on the AI regulation White Paper (the White Paper)?
Read moreWhat the AI is going on… December 2023 to March 2024
Google launched its newest GenAI, Gemini Nano. Designed specifically for mobile phones it presents new competition to market leaders OpenAI. Gemini Nano will allow AI apps that operate offline as opposed to only on servers and provide improved privacy for users.
Read moreCourt of Appeal holds Samsung liable for trade mark infringement by third-party apps
Can online platforms be liable for trademark infringement by third-party apps?
Read moreUK Supreme Court rejects AI as “inventor” under the Patents Act
What is the scope and meaning of “inventor” in the UK’s patent framework, and will it accept an AI machine as being the sole inventor?
Read moreThe new EU Digital Operational Resilience Act (DORA)
What can financial services entities and ICT providers expect from DORA and what do they need to do prepare for it?
Read moreDigital Markets, Competition and Consumers Bill opens door for stricter regulation of news platforms
How might the proposed Digital Markets, Competition and Consumers Bill (the Bill) affect news reporting by digital platforms?
Read moreDCMS publishes new Code of Practice for app developers and app store operators
What do app developers and app store operators need to do to comply with the new Code of Practice published by the Department for Digital, Culture, Media and Sport (DCMS)?
Read moreNew Metaverse regulation proposal to be discussed by EU Commission
How does the European Commission (EC) intend to regulate the Metaverse?
Read moreOnline Safety Bill: Latest amendments increase focus on children safety
What is the focus of the latest round of amendments proposed to the Online Safety Bill and how will these impact online platforms?
Read moreStay connected and subscribe to our latest insights and views
Subscribe Here