Meta fined EUR 1.2bn by the Irish Data Protection Commission and ordered to cease data transfers to the US
Irish Data Protection Commission (DPC), issues a record fine against Meta Platforms Ireland Limited (Meta).
Irish Data Protection Commission (DPC), issues a record fine against Meta Platforms Ireland Limited (Meta).
In late 2022, the Government announced its intention, as part of Brexit, to remove EU laws from the statute books.
On 16 May 2023, the French data protection authority, Commission Nationale Informatique & Libertés (the CNIL) published an action plan detailing how it will investigate the privacy issues posed by AI systems.
On 11 May 2023 the European Parliament adopted a resolution against an EU adequacy decision on the grounds of the United States (US) Data Privacy Framework (Framework) in its current form.
The EDPB has produced a guide for small businesses on how to comply with the EU GDPR.
Examination of what constitutes a “copy” of personal data under Article 15(3) EU GDPR, whether this extends to a copy of, extracts of or even entire documents or extracts from data bases?
Earlier this year the Court of Justice of the European Union (CJEU) weighed in on the question of disclosing the recipients of personal data in the context of data subject access requests.
On 8 June, the US and UK announced their intention to create a data bridge between the US and the UK.
On 4 May, the CJEU passed down judgment in the case of UI v Österreichische Post AG, a matter originally brought before the Austrian courts.
The UK has applied to join the Global Cross Border Privacy Rules Forum (CBPRF). Read more here about the objectives of the forum.
Let us guide you on if the provision of information required by a regulator ever be direct marketing.
The guidance covers the aim and overall structure of the right, general considerations in respect of assessing the request, the scope of the right, how to provide access and the limits and restrictions on the rights. We will look in more detail at the guidance in upcoming digests.
Last month the ICO issued a fine of £12.5 million to TikTok.
The European Commission has proposed an EU Cyber Solidarity Act aimed at improving “preparedness, detection and response to cybersecurity incidents across the EU.
The EDPB has updated its guidance on personal data breaches to address the question of notification of breaches by controllers who are not established in the EU.
On 22 March Capita was the victim of a cyber incident which primarily targeted “access to internal applications”.
There has been a significant amount of activity in the US in relation to privacy recently.
Eight states have now enacted comprehensive privacy laws.
Read the Privacy Law & Business UK Report May 2023 where we discuss the Gormsen case.
Generative AI has been a topic of increasing interest, we’ll explore how systems such as ChatGPT, impact data protection.
In January 2023, after a significant and turbulent investigation, the Irish Data Protection Commission (Irish DPC) fined Meta Platforms Ireland Ltd. (Meta Ireland) €390m (£340m) for its activities in relation to Facebook and Instagram.
New sets of guidance published by EDPB offers Guidelines on the interplay between the application of Art. 3 and the provisions on international transfers as per Chapter V GDPR.
Earlier this year, WhatsApp was hit with another (albeit much smaller) fine, this time in relation to the legal basis it uses for some of its processing activities.
The recent decision of the First Tier Tribunal (Information Rights) (the Tribunal) has addressed several interesting points of general application in relation to using legitimate interests as a basis for direct marketing processing and the standard of privacy information which needs to be provided by organisations
Let us help you navigate direct marketing by electronic mail.
The ICO has created a new hub for direct marketing which has several pieces of guidance as well as FAQs and checklists to assist organisations with direct marketing.
The EDPB’s verdict on the draft adequacy decision (the EU-US Data Privacy Framework or DPF) has arrived.
The EDPB commissioned a task force, consisting of several supervisory authorities in response to complaints raised by NYOB, the non-profit privacy organisation, about how cookie banners operate.
UK Information Commissioner, John Edwards gave a keynote speech at the National Association of Data Protection Officers’ Annual Conference in relation to the ICO’s new approach to regulatory action.
The Department for Culture, Media and Sport (DCMS) and National Cyber Security Centre have collaborated to produce a voluntary code of practice for app store operators and developers.
The English High Court has recently given a ruling in relation to damages for personal data breach claims.
Read the Privacy Law & Business UK Report January 2023 to discover the new suite of guidance from the ICO to directing marketing by electronic mail.
On 19 October 2022 the ICO fined Interserve Group Ltd £4.4 million in relation to contraventions of Article 5)1)(f) and Article 32 of the GDPR which occurred between 18 March 2019 and 1 December 2020.
Read the latest guidance and FAQs from the ICO relating to AI and personal data.
We set out the key steps which you should consider when embarking on a data sharing project.
The latest report by the European Union Agency for Cybersecurity gives an overview of the cyber security threat landscape.
Updated guidance from the ICO on international transfers, including a new section specifically relating to Transfer Risk Assessments.
In its first independent adequacy regulation made by the UK since leaving the European Union, exports are expected to increase to South Korea.
Following an investigation by the Daily Mail, a referral was made to the ICO regarding Easylife’s telephone marketing practices.
ICO intends to fine Tik Tok for its failure to protect the privacy and data of children using the platform.
We explore how the Retained EU Law Bill provides new powers to the Government and its impact on data protection.
Ensure you comply with appropriate technical and organisational security measures to protect personal data.
Data protection is a fluid terrain. Data protection legislation and the approach by regulators are constantly changing, so it is vital to stay up to date. In this resource library, you’ll find some expert insight and information to help you navigate a path of compliance.
All items are available to download as pdf files. To view a document, please ensure you have installed Adobe Acrobat Reader on your device.
Please complete the fields below to stay up-to-date with the latest HelloDPO news.
Our experience speaks for itself, with global powerhouse brands, tech giants at the forefront of the data processing industry, rapid growth health tech start-ups, forward-thinking financial institutions, a challenger dating app, fashion giants, one of the largest entertainment and record label conglomerates in the world, shopping meccas, national broadcasters, the UK’s biggest free streaming service, and numerous Legal 500 firms all choosing HelloDPO as their trusted Data Protection Advisory Partner.
We are here to make our data-driven world a more equitable and ethical place to live, work, and thrive by pragmatically balancing our clients’ commercial ambitions with every individual’s right to privacy.
Website developed by Bowler Hat