US Privacy Law 2024: New legislation, an enforcement sweep (And it’s only January)

2023 was a landmark year for privacy in the US, with five new comprehensive privacy laws taking effect, strong enforcement at the federal level, and new laws passing across the states. But 2024 could prove even more significant.  FTC enforcement  The year began with yet another privacy case from the Federal Trade Commission (FTC), [...]

By |2024-01-31T13:26:22+00:0027th January, 2024|DPO, Governments, News|

EDPB’s Data Protection Officer research shows significant compliance gaps 

The European Data Protection Board (EDPB) has published a report of its investigation into Data Protection Officers (DPOs). The research reveals that DPOs in many organisations lack sufficient resources to fulfil their tasks, and sometimes hold senior positions that could present a conflict of interest.  DPO requirements under the GDPR  The GDPR requires an organisation [...]

By |2024-01-25T12:00:23+00:0022nd January, 2024|DPO, Governments, News|

Three things that probably *Won’t* happen in data protection in 2024

Foresight is crucial in a fast-moving field like data protection. So as 2023 draws to a close, the web is becoming saturated with privacy predictions for next year.  But let’s put the crystal ball aside and consider some events that are unlikely to occur in 2024, with a focus on US privacy law, transatlantic [...]

By |2023-12-21T09:39:50+00:0021st December, 2023|DPO, Governments, News|

December’s global privacy news roundup

ICO fines Ministry of Defence for Afghan evacuation data breach The UK Information Commissioner’s Office (ICO) has imposed a £350,000 fine on the Ministry of Defence (MoD) for a data breach involving the personal data of individuals seeking relocation to the UK after the Taliban's takeover of Afghanistan in 2021.   On September 20, 2021, [...]

By |2023-12-21T09:32:31+00:0021st December, 2023|DPO, Governments, News|

Brexit and Beyond: Adapting to the UK’s evolving data privacy landscape 

The UK’s data protection and privacy landscape remains largely the same since Brexit, with the UK General Data Protection Regulation (UK GDPR) retaining substantially the same rules as exist in the EU, and the Data Protection Act 2018 (DPA) and Privacy and Electronic Communications Regulations (PECR) remaining unchanged.  But in 2022, with the UK [...]

By |2023-12-21T09:32:56+00:0021st December, 2023|Brexit, DPO, Governments, News|

EU agrees landmark deal on regulation of artificial intelligence

The EU Council presidency and the European Parliament have provisionally agreed on a unified AI regulation for Europe. These proposed rules aim to guarantee the safe use of AI systems in the EU market, ensuring they comply with fundamental rights and EU values.   The deal refines the definition of an AI system to clearly [...]

By |2023-12-21T09:14:47+00:0019th December, 2023|Artificial Intelligence, Brexit, DPO, Governments, News|

November global regulatory roundup

FTC files complaint against Global Tel Link for neglecting cybersecurity and delaying breach notification  The U.S. Federal Trade Commission (FTC) announced that it has filed a complaint against prison communications provider Global Tel Link for ineffective cybersecurity measures and failing to notify consumers after a data breach.   Global Tel Link, which provide telephonic and [...]

By |2023-12-01T12:32:35+00:0029th November, 2023|DPO, Governments, News|

Singapore’s PDPC fines two companies for alleged privacy security violations

On 10 November, Singapore's Personal Data Protection Commission (PDPC) published details of financial penalties it had imposed on two companies, Tokyo Century Leasing and Ascentis, both of which were fined for their alleged failure to apply reasonable security arrangements to safeguard personal data.  Tokyo Century Leasing was fined SGD 82,000 (approx. GBP 48,540) after [...]

By |2023-12-01T12:35:37+00:0027th November, 2023|DPO, Fine, News|

RBI sets sew IT Governance Standards for banks and NBFCs to enhance data protection

The Reserve Bank of India (RBI) has introduced comprehensive master directions for information technology governance, risk management, and assurance practices in banks and Non-Banking Financial Companies (NBFCs). The Information Technology Governance, Risk, Controls and Assurance Practice Directions ("Directions"), effective from April 1, 2024, will enforce procedures around data migration, remote access to companies' application [...]

By |2023-12-01T12:37:08+00:0026th November, 2023|DPO, Financial, News|

Navigating data protection laws worldwide during the busy shopping season

The expansion of the internet and the rapid rise of digitisation means retailers have access to customers in more markets than ever. But operating in multiple countries and collecting large volumes of data means understanding data protection laws worldwide is essential. Online retailers must ensure they can comply with new and evolving regulations as [...]

By |2023-12-01T12:38:52+00:0025th November, 2023|DPO, News, Retail|
Go to Top