Data and Privacy Matters: Legal updates - October 2025
Skip to main content
Select location
  • Insights
  • Data and Privacy Matters: Legal updates - October 2025
Podcast

Data and Privacy Matters: Legal updates - October 2025

Lorna Cropper
14/11/2025
Emma Yaltaghian
 
A close-up of computer code displayed on a screen, with lines of code in vibrant blue, pink, and purple colors. One line of text is highlighted in red, stating "[error] virus detected," indicating a security issue within the code.

In the latest episode of Fieldfisher’s Data and Privacy Matters podcast, hosts Lorna CropperEmma Yaltaghian and Sophie Gosling provide a comprehensive roundup of the key legal developments from October 2025.

 

The team start by discussing the Irish DPC’s €530 million fine against TikTok, with the regulator finding that TikTok had not applied appropriate safeguards when transferring data to China and had fallen short on its transparency obligations. The team also reviewed the EDPB’s opinion on the UK’s adequacy decision, which welcomed continued alignment with EU standards but raised concerns over new ministerial powers introduced under the Data (Use and Access) Act

They continue with coverage of the ICO’s successful appeal against Clearview AI, confirming that the regulator can take enforcement action against overseas organisations processing UK residents' data - even if they are third party controllers and do not engage in such monitoring themselves. The ICO’s ongoing consultations were also discussed, including new guidance on enforcement and the upcoming charitable purpose soft opt-in for direct marketing.

Don't miss a thing, subscribe today!

Stay up to date by subscribing to the latest Data and Privacy insights from the experts at Fieldfisher.

Subscribe now

The team reflects on the high-profile case of former MasterChef host Gregg Wallace, who brought legal action against the BBC for delayed responses to his data subject access requests, highlighting the operational and reputational risks of mishandled DSARs.

Finally, the team discusses several major enforcement actions. Capita was fined £14 million following its 2023 ransomware attack, Grindr’s €6.5 million penalty for unlawful data sharing was upheld in Norway, and the Dutch DPA fined Experian €2.7 million for unlawful credit profiling.

Sources of the news discussed:

Data Transfers:

Inquiry into TikTok Technology Limited April 2025.pdf

Draft UK adequacy decisions: EDPB adopts opinions | European Data Protection Board

Coordinated Enforcement Framework: EDPB selects topic for 2026 | European Data Protection Board

ICO:

John Edwards' own highlights LinkedIn

Parliamentlive.tv - Science, Innovation and Technology Committee

ICO call for views on enforcement procedural guidance | ICO

Direct marketing: ICO publishes consultation on "soft opt-in" for charities

Annual Review 2025 launch - NCSC.GOV.UK

Age verification:

https://www.theguardian.com/games/2025/oct/07/discord-data-breach-proof-of-age-id-leaked

Data protection rights:

https://www.bbc.co.uk/news/articles/cg7dlem0vdno

Enforcement:

Experian krijgt boete van 2,7 miljoen euro voor privacyovertredingen | Autoriteit Persoonsgegevens

Dom i lagmannsretten om rekordbot mot sjekkeappen Grindr – NRK Norge – Oversikt over nyheter fra ulike deler av landet

Capita fined £14m for data breach affecting over 6m people | ICO

Artifical Intellegence:

New blueprint for AI regulation could speed up planning approvals, slash NHS waiting times, and drive growth and public trust - GOV.UK

UK Upper Tribunal hands down judgment on Clearview AI Inc | ICO

You may also be interested in...
A digital illustration featuring a series of glowing padlocks, alternating between locked (in pink) and unlocked (in blue), against a background of numbers and code. The image symbolizes cybersecurity and data protection.
Insight
BNetzA launches consultation on new IT security catalogue
19/11/2025
A bright, glowing padlock icon in neon blue is displayed at the center against a dark background filled with floating binary code in shades of purple. The image conveys themes of digital security and encryption.
Data and Privacy
Data and Privacy
Podcasts
Data and Privacy Matters: Legal Updates - September 2025
20/10/2025
Public & Regulatory
Public & Regulatory
Insight
Ofcom’s consultation on preserving child data — what you need to know
07/10/2025
A glowing lock icon is centered against a background of binary code (1s and 0s), symbolizing digital security. The binary code is displayed in horizontal lines, with shades of blue and purple creating a dynamic, futuristic appearance.
Data and Privacy
Data and Privacy
Insight
Pseudonymisation scrutinised by the CJEU
24/09/2025
A digital illustration featuring a series of glowing padlocks, alternating between locked (in pink) and unlocked (in blue), against a background of numbers and code. The image symbolizes cybersecurity and data protection.
Insight
BNetzA launches consultation on new IT security catalogue
19/11/2025
A bright, glowing padlock icon in neon blue is displayed at the center against a dark background filled with floating binary code in shades of purple. The image conveys themes of digital security and encryption.
Data and Privacy
Data and Privacy
Podcasts
Data and Privacy Matters: Legal Updates - September 2025
20/10/2025
Public & Regulatory
Public & Regulatory
Insight
Ofcom’s consultation on preserving child data — what you need to know
07/10/2025
A glowing lock icon is centered against a background of binary code (1s and 0s), symbolizing digital security. The binary code is displayed in horizontal lines, with shades of blue and purple creating a dynamic, futuristic appearance.
Data and Privacy
Data and Privacy
Insight
Pseudonymisation scrutinised by the CJEU
24/09/2025