The U.K.’s data protection regulator began publishing the details of cases where organizations breached the General Data Protection Regulation (GDPR) but were not fined.
The Information Commissioner’s Office (ICO) believes the move highlights the regulator’s pragmatism regarding GDPR enforcement and improves transparency.
The ICO’s director of investigations said in December the regulator would publish all reprimands from January 2022 onward, excluding cases involving national security and ongoing legal proceedings. In a speech at the National Association of Data Protection Officers conference in November, Information Commissioner John Edwards said he wanted “to have a predictable approach to enforcement,” where “regulating for outcomes, not outputs” was the main driver.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Trial Membership
First week free, then $499 for an annual Membership
Cancel anytime within the trial period.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
The U.K. government formally introduced a bill to reform the country’s data privacy laws in a manner projected to save British businesses “billions.”
Experian won a legal battle against the U.K. Information Commissioner’s Office after the data regulator ordered the credit reference agency to make “fundamental changes” over the way it handled personal data for direct marketing purposes or stop altogether.
The U.K. Information Commissioner warned companies not to ignore “crucial measures” to prevent cyber incidents following his office’s decision to fine construction firm Interserve £4.4 million (U.S. $5 million) for failing to secure employee personal information.
The Dubai International Financial Centre announced the California Consumer Privacy Act passes muster, allowing compliant California businesses to be the first permitted to transfer data with the DIFC without additional contractual measures.
The European Commission might have given a green light to the latest mechanism to allow safe data transfers between the European Union and the United States, but experts have mixed views regarding how long it will last and whether it is even legal.
The European Commission announced it adopted a new agreement with the United States to allow for transatlantic data flows without fear of violating the European Union’s General Data Protection Regulation.
