UK Privacy

UK App Code Provides Privacy and Security Compliance Direction

By Liisa Thomas & Summer Danzeisen on February 9, 2023

Posted in Consumer Privacy, Mobile Privacy, UK Privacy

The UK’s new Code of Practice for App Store Operators and App Developers provides companies with privacy-related resources. It also highlights ICO privacy expectations. Participating in the code is done by voluntarily complying with it (it is not mandatory). The UK Department for Digital, Culture, Media, and Sport, though, is not only working with leading companies to participate in the code, but also is looking at whether current laws should be expanded and/or if code participation should become mandatory. …

Continue Reading UK App Code Provides Privacy and Security Compliance Direction

UK Reprimands Companies For Failing to Keep Up with Access Requests

By Brittany Walter on October 26, 2022

Posted in EU Privacy, UK Privacy

The ICO, Britain’s privacy authority, recently issued reprimands to seven organizations citing multiple failures of the organizations to respond to data subject access requests either within the statutory time frame…

Deadlines for EU and UK Standard Contractual Clauses Approaching

By Julia Kadish & Liisa Thomas on September 14, 2022

Posted in EU Privacy, GDPR, SCC, UK Privacy

Companies transferring personal data out of the EU or UK are reminded of key deadlines approaching for the contracts that govern these transfers. When the European Commission adopted the new Standard Contractual Clauses (SCCs) in 2021, it set a deadline of December 27, 2022 for existing contracts under the old SCCs. This means that by December 27, 2022 onward, all existing contracts using the old SCCs will need to be replaced by the new terms.…

Continue Reading Deadlines for EU and UK Standard Contractual Clauses Approaching

UK ICO and NCSC Issue Caution About Making Ransomware Payments

By Liisa Thomas & Kari Rollins on July 11, 2022

Posted in Data Breach, Data Security, Ransomware, UK Privacy

In a recent letter to the UK law society, the UK Information Commissioner’s Office and the National Cyber Security Centre have provided lawyers with advice about ransomware payments. The two agencies cautioned lawyers that such payments would not help “protect” the data, mitigate the risk to individuals, or result in a lower ICO penalty in the event of a regulatory investigation. Instead, they stated in a release that accompanied the letter, lawyers “should not advise clients to pay ransomware demands should they fall victim to a cyber-attack.”…

Continue Reading UK ICO and NCSC Issue Caution About Making Ransomware Payments

Free Data Flow to the UK May Continue – EU Adopts Adequacy Decision

By Oliver Heinisch on June 28, 2021

Posted in Cross-Border Data Transfers, EU Privacy, UK Privacy

The European Commission announced today a long-awaited decision that the UK data protection standards are adequate under the meaning of GDPR’s Article 45, providing a mechanism to enable transfer of data from the EU to the UK without the need for additional authorisation or putting in place additional safeguards. This decision will be in force for four years but can be withdrawn if the UK were to lower its standards and no longer provide EU citizens adequate protection for their personal data. The decision excludes personal data that is transferred for purposes of United Kingdom immigration control.
…
Continue Reading Free Data Flow to the UK May Continue – EU Adopts Adequacy Decision

Eye On Privacy