All Information Commissioner’s Office articles
-
Article10 tips to comply with the U.K.’s new data law
Changes to the U.K.’s privacy regime will immediately affect how companies handle AI-driven decisions, cookie usage, and responses to data subject requests. As a result, experts are warning compliance teams to ensure their organizations take the legislation seriously and make plans to review data governance.
-
ArticleU.K. hopes to create ‘third way’ in AI regulation between EU and U.S.
The U.K.’s data regulator has unveiled a new enforcement approach to AI development and usage that experts say seeks to carve a middle way between the strict rules applied by the European Union (EU) and the pro-industry, light-touch regime favored by the U.S.
-
PremiumUK’s deregulation drive raises compliance risk, say top lawyers
The United Kingdom’s latest effort to encourage regulators to pare down rules to attract companies and investment as a way to stimulate the economy has received mixed reviews from lawyers.
-
PremiumICO primed for enforcement increase behind new fining guidance?
The Information Commissioner’s Office updated its data protection fining guidance to provide companies with greater transparency and clarity about how and why it would issue penalties for a breach of the U.K. General Data Protection Regulation or Data Protection Act 2018.
-
News BriefICO seeking input on generative AI to inform guidance
The U.K. Information Commissioner’s Office is seeking input from developers, users, and those interested in generative artificial intelligence to help inform policy and guidance regarding the technology.
-
PremiumExperts: ICO apology to ex-CEO does not absolve NatWest of GDPR liability
Just because Alison Rose received a public apology from the U.K. Information Commissioner’s Office regarding the suggestion she might have violated the General Data Protection Regulation doesn’t mean NatWest could avoid sanction.
-
OpinionFallout from ‘debanking’ scandal suggests more U.K. bank reforms coming
The former CEO of NatWest’s decision to leak client details to the press regarding Nigel Farage is likely to cost the financial industry millions in new compliance checks as U.K. regulators prepare reviews into how banks treat people with extreme political views.
-
News BriefTikTok fined $15.9M for violations of U.K. GDPR
Social media platform TikTok was fined £12.7 million (U.S. $15.9 million) by the U.K. Information Commissioner’s Office for using the personal data of children without parental consent and other violations of data protection mandates.
-
News BriefU.K. moves forward with GDPR reform bill
The U.K. government formally introduced a bill to reform the country’s data privacy laws in a manner projected to save British businesses “billions.”
-
PremiumU.K. push for GDPR reprimand transparency draws mixed reviews
The U.K. Information Commissioner’s Office began publishing the details of cases where organizations breached the General Data Protection Regulation but were not fined. Legal experts share their take on the initiative.
-
PremiumRuling in Experian GDPR case thrusts ‘legitimate interest’ into spotlight
Experian won a legal battle against the U.K. Information Commissioner’s Office after the data regulator ordered the credit reference agency to make “fundamental changes” over the way it handled personal data for direct marketing purposes or stop altogether.
-
ArticleICO warns of ‘complacency’ in fining Interserve $5M under GDPR
The U.K. Information Commissioner warned companies not to ignore “crucial measures” to prevent cyber incidents following his office’s decision to fine construction firm Interserve £4.4 million (U.S. $5 million) for failing to secure employee personal information.
-
ArticleICO guidance stresses importance of reasoning in employee monitoring
The U.K. Information Commissioner’s Office issued draft guidance to help ensure employers’ monitoring of staff performance does not turn into surveillance or harassment.
-
ArticleEasylife fined $1.5M under GDPR for profiling customers
The Information Commissioner’s Office fined catalog retailer Easylife £1.35 million (U.S. $1.5 million) for marketing health-related products to individuals without their consent in violation of the U.K. General Data Protection Regulation.
-
ArticleTikTok facing $29M fine over U.K. children’s privacy violations
The Information Commissioner’s Office warned social media platform TikTok it could be fined £27 million (U.S. $29 million) for failing to protect children’s data in line with the U.K.’s version of the General Data Protection Regulation.
-
ArticleEDPS: U.K. GDPR reforms could create friction with EU
The United Kingdom’s keenness to agree to its own data adequacy decisions with countries like the United States could become a contentious issue with the European Union, according to European Data Protection Supervisor Wojciech Wiewiórowski.
-
ArticleU.K. data reform plan seeks to reduce ‘unnecessary burdens’ of GDPR
The U.K. government announced plans to reform the country’s data privacy laws to simplify procedures for businesses and reduce red tape, but the proposals might clash with certain elements of the EU’s General Data Protection Regulation.
-
ArticleICO fines Clearview AI $9.4M over alleged data privacy lapses
The U.K. Information Commissioner’s Office fined Clearview AI more than £7.5 million (U.S. $9.4 million) for collecting people’s images from internet and social media sites without their knowledge or consent.
-
ArticleU.K. signals divergence from GDPR with new data transfer approach
The United Kingdom announced plans to strike independent data adequacy decisions with key countries—including the United States—as part of its post-Brexit economic strategy.
-
ArticleICO’s first GDPR fine reduced on appeal
The U.K. Information Commissioner’s Office’s fine against pharmacy Doorstep Dispensaree for violations of the General Data Protection Regulation has been slashed approximately two-thirds on appeal to £92,000 (U.S. $126,000).