Meta Fined €390M for GDPR Breach Arising from its Behavioural Ads

From Initial Complaints in May 2018 to Sanctioning in January 2023  Facebook, Instagram and WhatsApp parent company, Meta Platforms Ireland Limited, has faced complaints regarding privacy since the General Data Protection Regulations (GDPR) came into effect in May 2018 and the matter has finally been addressed by authorities.  The data privacy activist group NOYB [...]

By |2023-01-10T16:57:15+00:0010th January, 2023|DPO, Governments, International|

2023 latest eye-catching trends / predictions in the cyber industry

Cybersecurity continues to be challenged and receives indisputable attention with the evolving digital transformation.   According to the 2022 Ponemon Institute report on the state of cybersecurity, 54% of organisations have experienced a cyberattack in the last 12 months. While many surveys state the increasing incidence of Ransomware and Distributed Denial of Service (DDoS) attacks [...]

By |2023-01-10T16:40:43+00:0010th January, 2023|DPO, Governments, International|

EU-U.S. Data Privacy Framework draft adequacy decision

On the 13 December 2022 the European (EU) Commission released its draft adequacy decision for the EU-U.S. Data Privacy Framework (DPF). This decision follows the signature of a US Executive Order by President Biden on the 7th October 2022 in which the US government made several commitments to implement new binding safeguards to address [...]

By |2023-01-10T16:12:07+00:0010th January, 2023|DPO, Governments, International|

2022 Highlights

Looking back over 2022, HewardMills has continued to consistently set the standard on data protection and privacy, championing best practice and working hand in hand with our global clients to identify and address data protection and privacy gaps.    Fines  Over the course of the year, we have seen data privacy and protection hit the [...]

By |2022-12-21T15:05:34+00:0021st December, 2022|DPO, Governments, International|

Celebrating 1000 UK B Corps at the Natural History Museum

Last month, we joined celebrations at the Natural History Museum as B Corp reached the momentous milestone of 1000 UK certified corporations; with HewardMills being one of the latest to proudly join the community. At the heart of the event was the opportunity to connect and celebrate with other B Corp organisations whose collective [...]

By |2022-12-21T15:25:49+00:0019th December, 2022|DPO, Governments, International|

Discord fined 800 000 euros over several GDPR breaches

Discord, a popular voice over IP communication platform was fined 800 000 euros by French CNIL over GDPR violations in regard of data retention periods and personal data security. CNIL (Commission Nationale de l'Informatique et des Libertes) a French public authority conducted Investigations which led to discovery of 5 GDPR violations including:  1. Failure to [...]

By |2022-12-21T15:06:32+00:0014th December, 2022|DPO, Governments, International|

ICO publishes new set of International Data Transfers guidance

The UK General Data Protection Regulations (GDPR) contains guidance and rules regarding transfers of personal data to recipients located outside the UK, these are known as restricted transfers. In order to comply with the GDPR, Article 46 of the GDPR details the "appropriate safeguards" that should be implemented for restricted transfers. Examples of such [...]

By |2022-12-21T15:24:35+00:0014th December, 2022|DPO, Governments, International|

What is the EU’s proposed AI Act and how is it pertinent to Life Sciences? 

The European Commission’s proposed Artificial Intelligence (AI) Act attempts to regulate a wide range of AI applications, aligning them with EU (European Union) values and fundamental rights through a risk-based approach.  The AI Act focuses on four specific types of use or practice for an AI system:  Prohibited AI practices and systems, such as [...]

By |2022-12-21T15:22:29+00:0014th December, 2022|DPO, Governments, International|

SCCs December Deadline

Standard Contractual Clauses (SCCs) are a key mechanism by which organisations can transfer personally identifiable data to/from countries outside European Economic Area (EEA). This mechanism is particularly relevant for countries that have not received an adequacy decision by the European Commission. Usually, countries outside the EEA are referred to as “Third Countries”.  SCCs are [...]

By |2022-12-01T15:33:14+00:0030th November, 2022|DPO, Governments, International|

EDPB Guidance on Determining a Lead Supervisory Authority Updates

Introduction  In April 2017, the European Data Protection Board (EDPB) endorsed the Article 29 Working Party’s Guidelines for identifying a controller or processor’s lead supervisory authority. The EDPB noted that further clarification in these Guidelines was required, especially in relation to the main establishment in the context of joint controllership. Recent weeks have seen updates [...]

By |2022-11-30T18:25:19+00:0030th November, 2022|DPO, Governments, International|
Go to Top