Skip to content

menu

Data Protection Report logo
HomeAboutContact
Search
Close
Compliance and risk managementCurrent Page:Regulatory responseData breachCybersecurity
View topics Archives
Subscribe

Data Protection Report

Data protection legal insight at the speed of technology

Regulatory response

Subscribe to Regulatory response via RSS

Online Safety Act: Protecting Children from Harmful Content Online – Ofcom’s Guidance on Age Assurance for Part 3 Services

Photo of Farah Mukaddam (UK)Photo of Marcus Evans (UK)Photo of Rosie Nance
By Farah Mukaddam (UK), Marcus Evans (UK) & Rosie Nance on January 28, 2025

Ofcom has published its guidance for implementing age assurance measures for regulated service providers. User-to-user (U2U) services and search services take note: a decision not to implement highly effective age assurance measures means that your service may be deemed by…

TR v Land Hessen – DPA not obliged to fine under the GDPR

Photo of Shan Nanayakkara
By Shan Nanayakkara on December 3, 2024

By Shan Nanayakkara

In TR v Land Hessen (C‑768/21) the European Court of Justice (“ECJ”) found that following a personal data breach, a supervisory authority is under no obligation to exercise its corrective powers, specifically the power to…

Subscribe to Data Protection Report

Subscribe to this publication
Motherboard Circuit Background. Virus detected over circuit board. Worm, cyber attack, antivirus, firewall alert and danger warning concept. Futuristic PCB. 3D render

Lessons on international transfers to the US to organisations caught by the GDPR

Photo of Jurriaan JansenPhoto of Naomi SchuitemaPhoto of Marcus Evans (UK)Photo of Rosie Nance
By Jurriaan Jansen, Naomi Schuitema, Marcus Evans (UK) & Rosie Nance on September 11, 2024

The Dutch data protection authority, the Autoriteit Persoonsgegevens (AP) announced a fine of €290 million on Uber Technologies Inc. (UTI) and Uber B.V.,(UBV) (together Uber) with press releases in Dutch and English.  The fine relates to the transfer of…

Digital jpg-AdobeStock_207493167

Recent regulatory developments in training AI models under the GDPR

Photo of Marcus Evans (UK)Photo of Rosie NancePhoto of Olivia Wint
By Marcus Evans (UK), Rosie Nance & Olivia Wint on August 22, 2024

In 2024, many organisations have been eager to look at how they can use the data they hold to debut or build on their artificial intelligence (AI) programme.  Many are looking to use that data to train AI models, or…

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill

Photo of Marcus Evans (UK)Photo of Fiona Bundy-Clarke (UK)Photo of Shiv Daddar (UK)
By Marcus Evans (UK), Fiona Bundy-Clarke (UK) & Shiv Daddar (UK) on June 22, 2022

The Department for Culture, Media and Sport (DCMS) has finally published the UK government’s long-awaited response to the consultation on the future of the UK data protection regime.

The government set out very high level principles for a Data…

The aftermath of an incident – why keeping records of data breaches and privacy incidents matters

Photo of Jeremie Wyatt (CA)Photo of Imran Ahmad (CA)Photo of Sara A. Levine, QC (CA)
By Jeremie Wyatt (CA), Imran Ahmad (CA) & Sara A. Levine, QC (CA) on June 14, 2022

As privacy incidents and security breaches involving personal information become increasingly frequent, organizations are more and more aware of the importance of implementing a robust privacy program to mitigate the risks and impacts of such incidents. While this preparation is…

FTC Signals Additional Scrutiny for Data Breaches

Photo of Anna Rudawski (US)Photo of Chris Cwalina (US)
By Anna Rudawski (US) & Chris Cwalina (US) on May 25, 2022

On May 20, 2022, the Federal Trade Commission (FTC) stated that failure to disclose a data breach may be a violation of Section 5 of the FTC Act.  Historically, the FTC has not been explicit about its notification…

The UK’s ICO issues a monetary penalty notice to professional services firm after ransomware attack

Photo of Steven Hadwin (UK)Photo of Tim Jones
By Steven Hadwin (UK) & Tim Jones on March 22, 2022

On 10 March 2022, the Information Commissioner’s Office (ICO) issued a monetary penalty notice to a professional services firm (the Firm) to the tune of £98,000 for a breach of Article 5(1)(f) of the General Data Protection…

The UK Government unveils its post-Brexit plans to shake up data protection laws

Photo of Lara White (UK)Photo of Marcus Evans (UK)
By Lara White (UK), Marcus Evans (UK) & Isabella Martinez-Sistac Orozco on August 27, 2021

On 26 August 2021, in a move that puts it on a potential collision course with the EU, the UK Government made a number of announcements relating to the future of the UK’s data protection regime, with the stated intention…

“Am I a CII operator?” – New regulation in China provides more clarity

Photo of Anna GamvrosPhoto of Lianying Wang (CN)
By Anna Gamvros & Lianying Wang (CN) on August 18, 2021

China’s Cyber Security Law (CSL), enacted in 2016, requires operators of critical information infrastructure (CII) to follow a number of enhanced security obligations, including storing within China all personal information and important data collected or generated…

Post navigation

Older Posts 

Data Protection Report

Facebook Twitter RSS LinkedIn YouTube
Published by
Norton Rose Fulbright LLP logo
DisclaimerPrivacy policy

About

More than a news source, the Data Protection Report provides thought leadership on emerging privacy, data protection and cybersecurity issues, and helps its readers proactively address risks and anticipate next steps in this crucial emerging field.

Read more

Topics

Archives

Copyright © 2025, Norton Rose Fulbright LLP. All rights reserved.