Some of the biggest personal data breaches in recent history have involved cyber-attacks on organisations by malicious third parties. A significant example is Yahoo’s breach, which […]
Introduction to AI and GDPR compliance Since the release of ChatGPT last year, there have been widespread concerns within the community of lawmakers and regulators about […]
Serious data breaches can be extremely costly for organisations when they occur. Despite this, we find that many businesses are unprepared for dealing with such an […]
The latest UK Data Protection Index report, produced jointly by The DPO Centre and Data Protection World Forum (DPWF) and based on a quarterly survey of […]
In November 2021, France’s Supervisory Authority, the Commission national de l’informatique et des libertes (CNIL), published its draft recommendation on password management, which was open to […]
On the 6th September 2019, the USA’s National Institute of Standards and Technology (NIST) published a preliminary draft of its new privacy framework entitled ‘Privacy Framework: […]
The NIS Directive is an EU Directive that was enacted into UK law as The Network and Information Systems Regulations 2018 (NIS Regulation). The NIS focusses […]
At £183.4m (US$228m) or 1.5% of BA’s worldwide revenue in 2017, this fine by the UK Information Commissioner’s Office (ICO) sets a new precedent in the […]
Our December 2018 blog post entitled “Data Subject Access Request = 4 words to fear?”, explained the need for a robust and efficient process for responding […]