1. ICO serves Experian with enforcement notice (link). Investigation into data protection compliance in the direct marketing data broking sector (link).
  2. British Airways fine reduced to £20M. What does the French CNIL say about its involvement in the British Airways fine (link).
  3. Government consults on regulation for consumer smart product cyber security (link).
  4. Data transfers: Recommendations 01/2020 on measures that supplement transfer tools to ensure compliance with the EU level of protection of personal data (link). Strategy for Union institutions, offices, bodies and agencies to comply with the ‘Schrems II’ Ruling (link). Commission Implementing Decision on standard contractual clauses for the transfer of personal data to third countries (link).
  5. IAB Europe’s ad tracking consent framework found to fail GDPR standard (link).
  6. Draft Council Resolution on Encryption - Security through encryption and security despite encryption (link).
  7. EDPB Recommendation 02/2020 on the European Essential Guarantees for surveillance measures (link).
  8. The ICO has published a report on Audits of data protection compliance by UK political parties (link).
  9. ICO’s detailed guidance on criminal offence data (link).
  10. ICO’s Onfido regulatory sandbox report relating to consumer verification (link).
  11. ICO’s FutureFlow regulatory sandbox relating to monitoring of fraudulent transactions (link).
  12. ePrivacy proposal update: New COVID19 ‘metadata’ rules in leaked ePrivacy text (link).
  13. California Privacy Rights Act (CPRA) passed (link).
  14. European Parliament resolution of 20 October 2020 with recommendations to the Commission on a framework of ethical aspects of artificial intelligence, robotics and related technologies (link).
  15. Report on Automating image abuse (link).
  16. The expert group comprised of IT teachers issued a paper speaking against schools adopting Office 365 in the German state of Baden-Württemberg (link).
  17. The Norwegian DPA fines almost 14,000 euros Odin Flissenter (link).
  18. The ICO has published its latest guidance on subject access requests (link).
  19. The AEPD approves the first Code of Conduct under the GDPR (link).
  20. ICO fines Ticketmaster £1.25M (link).
  21. Consequences of having video-surveillance cameras inside your vehicle that can be oriented towards public space (link).
  22. Irish’s Data Protection Commission fines Tusla Child and Family Agency €75,000 (link).
  23. Canadian Privacy guide for Businesses from the Office of the Privacy Commissioner of Canada (link).