Googles decides to make easier to Reject All 

Google on laptop

Recently, Google announced its plans to introduce a “Reject All” option within its famous cookie banner. The decision was appreciated by the Information Commissioners Office, by observing this to be a change that was long awaited to improve not only the user interaction, but also the compliance aspects. The ICO in its statement was also […]

ICO and DPC Guidance Regarding Children’s Data and the Services aimed at Children

AdobeStock 396682798

Information Commissioners Office of the UK and the Data Protection Commission of Ireland recognise the special need for protecting the children and children’s data, including in the context of concerns around such data being used for various commercial purposes. Based on the principles of the GDPR, both authorities issued their guidance or set of standards […]

Regulating after the GDPR: Proposed changes to the role of the ICO


In Sept 2021 the UK Department for Digital, Culture, Media and Sport (DCMS) announced proposals to reform UK data protection legislation. The key changes are focused on making data protection compliance more streamlined and reducing burdens on organisations. However, it also includes proposed changes to the role of the Information Commissioner’s Office (ICO) and its […]

Transparency obligation and data controllers: enforcement across Europe


Much ink has been spilled on the September 2021 decision issued by the Irish Data Protection Commission (DPC) to impose a fine of €225 million on WhatsApp, the second heaviest fine under the General Data Protection Regulation (GDPR). It is noteworthy that the decision was issued after the activation of the dispute resolution mechanism of GDPR article 65, and the necessary intervention of the European Board given that eight National Supervisory Authorities (NSAs) triggered the draft decision of the DPC. However, the […]

The UK is set to diverge from the GDPR

ICO International data transfer e1545063154669 1536x819 1

On 9 September 2020, the UK Department for Digital, Culture, Media & Sport (DCMS) published its National Data Strategy, which included: “responsible data” as a core pillar and an associated “securing a pro-growth and trusted data regime” priority mission. This included a June 2021 Taskforce on Innovation, Growth and Regulatory Reform (TIGRR) proposal to: “replace the […]

GDPR fines may be susceptible to significant reductions upon appeal

AdobeStock 291849717 1

The General Data Protection Regulation (GDPR) substantially increased the amount that data protection authorities (DPAs) are empowered to fine organisations, to €20m or 4% of worldwide annual turnover. The UK Information Commissioner’s Office (ICO) has issued a limited number of fines for data protection breaches in the first 5 years of the UK GDPR. It […]

Cross-border data transfers between public authorities: the EDPB guidance

The digitalisation of the public sector and its information assets has reduced the barriers and boosted synergies in the public domain. Public authorities, now more innovative and digitalised than ever, are looking into strong synergies to better perform their tasks and execute the administrative roles efficiently. At the international level, cross-border cooperation requires a framework […]