Trusted Data Privacy Partners
Trusted Data Privacy Partners
On March 6, 2024, the Information Commissioner’s Office (ICO) initiated 'call for views' concerning its approach to a proposed 'consent or pay' model for online advertising cookies. This model offers users the option to consent to personalised advertising or pay a fee to opt out of tracking. The ICO has communicated its standpoint to the Association of Online Publishers and Internet Advertising Bureau UK and now seeks input from stakeholders on this model.
This initiative follows existing ICO enforcement efforts against non-compliant websites regarding cookie consent mechanisms, emphasising the importance of providing users with a fair choice. Through the development of digital tools and collaboration with technical experts, the ICO is increasing its efforts to assess website cookie compliance. Organisations found to be non-compliant may face enforcement action, as the ICO reviews responses received and prioritises cases for enforcement action. This announcement serves as a final warning for organisations to ensure compliance with cookie regulations.
Members of the European Parliament (MEPs) have now agreed new rules for AI systems, codified within the AI Act. The legislation promotes human oversight, safety, non-discrimination and environmental friendliness and prohibited practices include manipulative techniques and social scoring.
The detailed text will be drafted and it is expected that the Act will be formally passed into law in early 2024.
Starting from October 12, if your US Partner is aligned with the EU-US Data Privacy Framework, you can confidently transfer personal data from the UK. Make sure you're in the know and compliant.
Need more details or facing commercial law challenges? Reach out to us today!
On September 15th, Ireland’s Data Protection Commissioner (DPC) announced the conclusion of its inquiry of Meta Platforms Ireland Ltd with a €405 million (£360 million) fine and a range of corrective measures for violating children’s privacy on Instagram. The DPC started its investigation after receiving information provided by a US data scientist, David Stier in September 2020 showing how children’s data is processed on the Instagram social networking platform.
After months of comprehensive investigations and court administrative process, the decision records find of several violations of Article 5(1)(a), 5(1)(c), 6(1), 12(1), 24, 25(1) 25(2), and 35(1) of the GDPR.
Meta Platform Ireland Limited indicated filing an appeal against the fine and disagreed with how the fine was calculated, as stated in the Irish Times. Meta said that they engaged fully with the regulator throughout the investigation and the default setting has been changed.
Click here to read the complete press release from the Ireland DPC.
The ICO has filed criminal charges against eight people for allegedly conspiring to illegally access and obtain people’s personal information from vehicle repair garages to generate potential leads for personal injury insurance claims. The activity took place across the UK between December 1st, 2014, to November 20th, 2017, and hundreds of thousands of individual’s personal data from in road traffic accidents was collected without their consent.
The eight defendants now will face two charges of conspiring to commit an offence under section 1 of the Computer Misuse Act 1990 (allegedly unlawful accessing of personal data held on the computer) and section 55 of the Data Protection Act 1998 (allegedly unlawful obtaining of personal data). This case’s first hearing will occur at Manchester and Salford Magistrates Court on October 27th, 2022.
For more details related to the news, please click here.
The UK Information Commissioner’s Office (ICO) has published its Privacy-Enhancing Technologies (PETs) draft guidance The ICO describes PETs as technologies that embody fundamental data protection principles by minimising personal data use, maximising data security, and/or empowering individuals. Linked to the concept of ‘Data Protection by Design and by default’, PETs should:
1. Assist compliance with the principle of data minimisation by ensuring that organisations or individuals only process the data they need for their purpose.
2. Provide an appropriate level of security.
3. Implement robust anonymisation or pseudonymisation solutions.
4. Minimise the risk that arises from personal data breaches.
John Edwards, the UK Information Commissioner’s said:
“It’s not just regulators that need to take action – we need the industry to step up, too. We want organisations to come to us with codes of conduct and certification schemes, for example, to show their commitment to building services or products that are designed in a privacy-friendly way and protect people’s data”
The ICO encourages organisations and/or individuals to carefully assess the impacts of the decision-making process, purpose specification, and how organisations and/or individuals can comply with accuracy and accountability requirements before using PETs.
To improve the final guidance and its functionality, the ICO calls for views and consultation on its updated draft guidance on anonymisation, pseudonymisation, and PETs until December 31st, 2022. For formal news from the ICO related to PETs, click here.
Privacy Partnership Law
Privacy Partnership Law Ltd is regulated by The Solicitors Regulation Authority with registration number 829686 .
Privacy Partnership Law Ltd. is a registered company based in England and Wales with a registration number 13211514 - and a registered office at
7 Eland Rd, London Sw11 5JX. VAT number 401788010. It forms part of the Privacy Partnership Group of Companies.
Copyright © 2022 Privacy Partnership Law - All Rights Reserved no part of this website may be copied or reproduced without permission.
We use necessary cookies to make our site work. We would also like your permission to set optional analytics cookies to help us improve it. Clicking 'Accept' below will set cookies on your device to remember your preferences. Find out more in our Privacy Policy or scroll down to read more about the different types of cookies.
Necessary cookies enable core functionality such as security, network management, and accessibility. You may disable these by changing your browser settings, but this may affect how the website functions.
Where you select "Accept" we set Google Analytics cookies to help us to improve our website by collecting and reporting information on how you use it. The cookies collect information in a way that does not directly identify anyone. For more information on how these cookies work see https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage?hl=en-US