On March 1, 2024, the UK Information Commissioner’s Office announced that it had issued an enforcement notice and a warning to the UK Home Office for failing to sufficiently assess the privacy risks posed by the electronic monitoring of people arriving in the UK via unauthorized means.
Continue Reading UK ICO Issues Enforcement Notice and Warning to UK Home Office

On February 22, 2024, the Federal Trade Commission announced a settlement order against Avast Limited requiring the company to pay $16.5 million and prohibit the company from selling or licensing any web browsing data for advertising purposes.
Continue Reading FTC Announces $16.5 Million Settlement Against UK Service Provider and Ban from Selling Browsing Data for Advertising Purposes

On February 23, 2024, the UK Information Commissioner’s Office reported that it had ordered public service providers Serco Leisure, Serco Jersey and associated community leisure trusts to stop using facial recognition technology and fingerprint scanning to monitor employee attendance.
Continue Reading ICO Orders Companies to Cease Using Facial Recognition Technology and Fingerprint Scanning to Monitor Attendance

On January 31, 2024, the UK ICO released a statement in response to its requirement that the UK’s biggest websites comply with data protection laws when using cookies. The ICO said that it received “an overwhelmingly positive response,” with 38 of the 58 organizations having changed their cookie banners in order to come into compliance.
Continue Reading UK ICO Warns Organizations to Make Advertising Cookies Compliant Following Call to Action

On January 23, 2024, the UK government announced that it published a draft Code of Practice on cybersecurity governance. The guidelines in the Code are intended to “help directors and senior leaders shore up their defences from cyber threats.” The Code has been designed in partnership with industry directors, cyber and governance experts, and the UK National Cyber Security Centre (NCSC), with a key focus to ensure that organizations have detailed plans in place to respond to and recover from any potential cyber incidents.
Continue Reading UK Government Publishes Draft Code of Practice on Cybersecurity Governance

On January 18, 2024, the UK Information Commissioner’s Office (“ICO”) published an updated Opinion on age assurance for the Children’s Code (the “Opinion”). The Children’s Code is a statutory code of practice setting out how information society services likely to be accessed by children should protect children’s information rights online.Continue Reading UK ICO Publishes Updated Opinion on Age Assurance