Locations
October has been an especially busy time in the world of data and privacy but fear not, this month's episode of the Fieldfisher's Data & Privacy Matters podcast dives into all the key stories.
First up, Camille Ebden, Anna Rawlinson and Sophia Steiger discuss the Data (Use and Access) Bill that has been introduced to the UK Parliament and some of the main changes that it proposes to introduce to the UK data and privacy landscape.
They then turn to Europe, where legitimate interests have been a hot topic with a CJEU judgement and draft guidelines from the EDPB on the subject. They also look at the Lindenapotheke case and the impact this CJEU judgement might have on the interpretation of health data.
Don't miss a thing, subscribe today!
Stay up to date by subscribing to the latest Data and Privacy insights from the experts at Fieldfisher.
Subscribe nowThe episode then explores key news stories from the ICO, such as their focus on protecting children online, plans for ICO-approved AdTech certification and the launch of their new data protection audit framework.
Cyber security regulation takes a turn in the spotlight next as the team look at NIS2 and the Cyber Resilience Act before rounding up with some key enforcement action from the past month.
Sources of the news discussed:
UK Data (Use and Access) Bill)
- Data (Use and Access) Bill [HL] - Parliamentary Bills - UK Parliament
- Statement in response to the introduction of the Data Use and Access Bill in the House of Lords | ICO
EDPB
- Guidelines 1/2024 on processing of personal data based on Article 6(1)(f) GDPR | European Data Protection Board
- CJEU judgement on legitimate interests
- Opinion 22/2024 on certain obligations following from the reliance on processor(s) and sub-processor(s) | European Data Protection Board
- CEF 2025: EDPB selects topic for next year’s Coordinated Action | European Data Protection Board
CJEU
- CURIA - Lindenapotheke Case C-21/23
- May you inadvertently be processing special category data? | Fieldfisher
Europe
- IEWG - Norwegian DPA Concluding Statement Data Scraping - EN
- Global privacy authorities issue follow-up joint statement on data scraping after industry engagement | ICO
- European Commission launches public consultation on the rules for researchers to access online platform data under the Digital Services Act | Shaping Europe’s digital future
UK News
- UK Review of EU-UK adequacy - Letter to the Rt. Hon. Peter Kyle MP - 22.10.24.pdf
- ICO Fees - august-2024-management-accounts.pdf
- Data Protection Practitioners' Conference | ICO
- Statement on ICO’s work to protect children online | ICO
- The UK’s ICO Is Helping Ad Tech Companies With Privacy Compliance | AdExchanger
- New data protection audit framework launched to help organisations improve compliance | ICO
Cyber security
- NIS2 across the EU | Fieldfisher
- NIS2: Commission implementing regulation on critical entities and networks | Shaping Europe’s digital future
- Cyber resilience act: Council adopts new law on security requirements for digital products - Consilium
Enforcement
- Irish Data Protection Commission fines LinkedIn Ireland €310 million | 24/10/2024 | Data Protection Commission
- Levales Solicitors LLP | ICO
- DSG Retail Limited -v- Information Commissioner [2024] UKUT 287 (AAC)
- £120k issued in fines to two companies for predatory marketing campaigns | ICO
- Two companies fined a total of £150k after bombarding people with spam texts offering financial, debt services | ICO