- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Neil Hodge2023-03-08T13:00:00
The U.K.’s data protection regulator began publishing the details of cases where organizations breached the General Data Protection Regulation (GDPR) but were not fined.
The Information Commissioner’s Office (ICO) believes the move highlights the regulator’s pragmatism regarding GDPR enforcement and improves transparency.
The ICO’s director of investigations said in December the regulator would publish all reprimands from January 2022 onward, excluding cases involving national security and ongoing legal proceedings. In a speech at the National Association of Data Protection Officers conference in November, Information Commissioner John Edwards said he wanted “to have a predictable approach to enforcement,” where “regulating for outcomes, not outputs” was the main driver.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Register for free
Access one free, non-premium article each month.
Complimentary CPE webcasts, resources, and e-Books.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
The U.K. government formally introduced a bill to reform the country’s data privacy laws in a manner projected to save British businesses “billions.”
Experian won a legal battle against the U.K. Information Commissioner’s Office after the data regulator ordered the credit reference agency to make “fundamental changes” over the way it handled personal data for direct marketing purposes or stop altogether.
The U.K. Information Commissioner warned companies not to ignore “crucial measures” to prevent cyber incidents following his office’s decision to fine construction firm Interserve £4.4 million (U.S. $5 million) for failing to secure employee personal information.
The California Privacy Protection Agency warned businesses to stop asking for excessive information from consumers who have requested to opt out of having their data collected or who are otherwise exercising their privacy rights under the California Consumer Privacy Act.
The U.S. Department of Transportation is looking to thwart the nation’s 10 largest airlines from monetizing passenger data or selling it to third parties.
The proliferation of artificial intelligence technologies—and their reliance on publicly available data—has reinforced the need for tech developers and the companies using their solutions to ensure privacy by design and by default is at the crux of any offering.
