Fiona Bundy-Clarke (UK)

Subscribe to all posts by Fiona Bundy-Clarke (UK)

New commitments in principle regarding UK to USA data transfer mechanism

On 8 June 2023, the UK Secretary of State for Science, Innovation, and Technology and the US Secretary of Commerce issued a joint Statement confirming that the UK and the USA have committed in principle to establishing a “data bridge” to allow for the free flow of data between organisations in the UK and participating … Continue reading

New UK guidance on Transfer Risk Assessments

On 17 November 2022, the Information Commissioner’s Office (ICO) published an update to its guidance on international transfers (Transfers Guidance).  This included specific guidance about transfer risk assessments or TRAs and a tool for undertaking TRAs (the TRA Guidance and TRA Tool, respectively).  In its blog post accompanying the updated Transfers Guidance, the ICO makes … Continue reading

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill

The Department for Culture, Media and Sport (DCMS) has finally published the UK government’s long-awaited response to the consultation on the future of the UK data protection regime. The government set out very high level principles for a Data Reform Bill in the Queen’s Speech in May. If legislation is to be passed in this … Continue reading

Tentative further steps towards an agreed ePrivacy Regulation

It has been some months since we wrote about the ePrivacy Regulation and some years since the first draft was proposed.  Since then, we have seen numerous delays in achieving an agreed form of legislation, caused in part by strong views on how privacy and confidentiality shape the development of electronic communications services and passionate … Continue reading

EU-UK Trade and Cooperation Agreement: Implications for data protection law

On Christmas Eve, the EU and UK announced that a Trade and Cooperation Agreement (TCA) had been finalised. With it, came a sigh of relief from data protection practitioners everywhere. This is because the TCA provides an extension period, of a sort, to allow the European Commission time to conclude its adequacy assessment of the … Continue reading

ICO’s draft Age Appropriate Design Code could seriously impact processing of under 18’s personal data

On 15 April 2019, the ICO opened a public consultation on a draft code of practice titled Age Appropriate Design (the “Code”).  The Code will remain open for public consultation until 31 May 2019. The consultation document is described as a “code of practice for online services likely to be accessed by children.”  However, its … Continue reading
LexBlog