As new AI law pass, remember: AI is already regulated

This month, the European Parliament approved the AI Act, which it called the “first regulation on artificial intelligence.” In the US, Utah passed the AI Policy Act, with some declaring it America’s first private-sector AI law. As organisations increase their use of AI, we need new laws to help manage new risks. But this [...]

By |2024-03-27T15:42:15+00:0024th March, 2024|Artificial Intelligence, DPO, Governments, News|

Latest regulatory roundup in global data protection and privacy

Nigeria DPC publishes guidance for data controller and processor registration requirements The Nigeria Data Protection Commission (NDPC) has released guidelines on the registration obligations for what it deems "data controllers and data processors of major importance," as stipulated by Nigeria’s Data Protection Act (NDPA).  Passed in June 2023, the Act introduced a crucial requirement [...]

By |2024-02-29T18:31:20+00:0027th February, 2024|DPO, Governments, News|

The ‘right of access’: Renewed focus on a long-established cornerstone of data protection

The right to access personal data is fundamental to data protection, and it was present in data protection laws as early as the Council of Europe’s Convention 108 (1981) and the UK’s Data Protection Act 1984.  But providing access to personal data continues to challenge many organisations—particularly those handling high volumes of information or [...]

By |2024-02-29T18:25:28+00:0022nd February, 2024|DPO, Governments, News|

Three key takeaways from DoorDash’s California privacy settlement

California Attorney General (AG) Rob Bonta reached a settlement with food delivery company DoorDash on 21 February — the second-ever enforcement action taken under the California Consumer Privacy Act (CCPA) since the law took effect in 2020.  Under a proposed order, DoorDash must pay a $375,000 civil penalty, enter into a three-year compliance programme, [...]

By |2024-02-29T18:26:57+00:0019th February, 2024|DPO, Governments, News|

Latest regulatory roundup in global data protection and privacy

The new EU Data Act enters into force The EU regulation on harmonized rules on fair access to and use of data, (the Data Act) was published in the EU’s official journal on 22 December 2023, and entered into force on 11 January 2024.  The Data Act sets rules for accessing and using data [...]

By |2024-01-31T15:01:23+00:0029th January, 2024|DPO, Governments, News|

The AI Act’s near final draft

On 22 January, journalist Luca Bertuzzi leaked a final draft of the EU’s long-awaited AI Act. While the EU’s institutions reached a broad agreement on the AI Act late last year, some technical details remained to be ironed out. The leaked draft of the AI Act is not absolutely final, but it includes almost [...]

By |2024-01-31T13:29:34+00:0028th January, 2024|Artificial Intelligence, DPO, Governments, News|

US Privacy Law 2024: New legislation, an enforcement sweep (And it’s only January)

2023 was a landmark year for privacy in the US, with five new comprehensive privacy laws taking effect, strong enforcement at the federal level, and new laws passing across the states. But 2024 could prove even more significant.  FTC enforcement  The year began with yet another privacy case from the Federal Trade Commission (FTC), [...]

By |2024-01-31T13:26:22+00:0027th January, 2024|DPO, Governments, News|

EDPB’s Data Protection Officer research shows significant compliance gaps 

The European Data Protection Board (EDPB) has published a report of its investigation into Data Protection Officers (DPOs). The research reveals that DPOs in many organisations lack sufficient resources to fulfil their tasks, and sometimes hold senior positions that could present a conflict of interest.  DPO requirements under the GDPR  The GDPR requires an organisation [...]

By |2024-01-25T12:00:23+00:0022nd January, 2024|DPO, Governments, News|

Three things that probably *Won’t* happen in data protection in 2024

Foresight is crucial in a fast-moving field like data protection. So as 2023 draws to a close, the web is becoming saturated with privacy predictions for next year.  But let’s put the crystal ball aside and consider some events that are unlikely to occur in 2024, with a focus on US privacy law, transatlantic [...]

By |2023-12-21T09:39:50+00:0021st December, 2023|DPO, Governments, News|

December’s global privacy news roundup

ICO fines Ministry of Defence for Afghan evacuation data breach The UK Information Commissioner’s Office (ICO) has imposed a £350,000 fine on the Ministry of Defence (MoD) for a data breach involving the personal data of individuals seeking relocation to the UK after the Taliban's takeover of Afghanistan in 2021.   On September 20, 2021, [...]

By |2023-12-21T09:32:31+00:0021st December, 2023|DPO, Governments, News|
Go to Top