On 8 June 2023, the UK Secretary of State for Science, Innovation, and Technology and the US Secretary of Commerce issued a joint Statement confirming that the UK and the USA have committed in principle to establishing a “data bridge”
New UK guidance on Transfer Risk Assessments
On 17 November 2022, the Information Commissioner’s Office (ICO) published an update to its guidance on international transfers (Transfers Guidance). This included specific guidance about transfer risk assessments or TRAs and a tool for undertaking
UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill
The Department for Culture, Media and Sport (DCMS) has finally published the UK government’s long-awaited response to the consultation on the future of the UK data protection regime.
The government set out very high level principles for a Data
Tentative further steps towards an agreed ePrivacy Regulation
It has been some months since we wrote about the ePrivacy Regulation and some years since the first draft was proposed. Since then, we have seen numerous delays in achieving an agreed form of legislation, caused in part by strong
EU-UK Trade and Cooperation Agreement: Implications for data protection law
On Christmas Eve, the EU and UK announced that a Trade and Cooperation Agreement (TCA) had been finalised. With it, came a sigh of relief from data protection practitioners everywhere. This is because the TCA provides an extension
ICO’s draft Age Appropriate Design Code could seriously impact processing of under 18’s personal data
On 15 April 2019, the ICO opened a public consultation on a draft code of practice titled Age Appropriate Design (the “Code”). The Code will remain open for public consultation until 31 May 2019.
The consultation document is described as a “code of practice for online services likely to be accessed by children.” However, its potential impact is in fact wider, and is perhaps better described as applying to all online services that are not demonstrably unlikely to be accessed by children, which it controversially defines as individuals under 18. For this reason, the Code in its current form will have implications for almost all providers and users of online services.