GDPR, Privacy & Cyber news from around the world as it happens.

What started as an internal knowledge base of news articles to ensure our trainers remain on top of the latest industry developments, is now a free resource for everyone.

3 ways to stay up-to-date

  • Online

    Online

    View the latest news
    online or search the
    archive below

    Get RSS feed
Filter by:
  • Data Protection
  • Security
  • Audience
  • Publisher
Sort by:
Hide advanced filters

The Verge

Zoom announces focus on fixing privacy and security issues

ghacks.net

You can now disable Microsoft Windows 10 Enterprise diagnostic data

EDPS

Wojciech Wiewiórowski calls for EU digital solidarity against COVID-19

IAPP

Will complying with India's privacy law mean violating GDPR?

IAPP

Why this risk management best practice is not fit for digital innovation

IAPP

White Paper – 2020 Global Legislative Predictions

Thomas Le Bonniec

Whistleblower alerts DPAs to Apple's Siri - she's still listening in

IAPP

What lives between data privacy and data governance? Better compliance

Chronicle of Data Protection

What is the Future of UK Data Protection?

IAPP

What is and what isn't subject to a DPIA under GDPR? An update

Econsultancy

What have we learned about GDPRs impact on marketing so far?

The Guardian

Virgin Media leaked data included adult site requests

The Guardian

Virgin Media data breach

Infosecurity Magazine

Virgin Media could face hefty compensation costs over data breach

Harvard Business Review

Use your customer data to help them

The Guardian

Use of facial recognition causes anger at south Wales football derby

The Guardian

Use of Facial recognition at South Wales derby 'a step too far'

WIRED

US wages war on digital trade barriers

The Register

United Nations admits serious data breach

New Statesman

UK to get EU adequacy agreement – also may lose it

The Guardian

UK police's facial recognition technology breaches human rights laws

HM Government

UK outlines plans for data adequacy EU negotiations

UK Government

UK outlines framework for adequacy discussions

The Guardian

UK may lose access to EU data after a series of scandals

The Guardian

UK makes impossible Europol database demands in EU talks

Sky News

UK Government O2 location data to tackle coronavirus outbreak

Matt Hancock on Twitter

UK Gov: Coronavirus response exempt from GDPR

The Telegraph

UK drops NHS contact-tracing app for Apple-Google model

EDPB

Twenty-third EDPB Plenary (held remotely)

EDPB

Twenty-sixth EDPB Plenary (held remotely)

EDPB

Twenty-forth EDPB Plenary (held remotely)

EDPB

Twenty-first EDPB Plenary (held remotely)

EDPB

Twenty-eighth EDPB Plenary (held remotely)

EDPB

Twentieth EDPB Plenary (held remotely)

Politico

Trump is going after the GDPR

Reuters

Total Fines for European privacy breaches stands at €114m (£97.3m)

EDPB

Thirty-second EDPB Plenary (held remotely)

EDPB

Thirty-first EDPB Plenary (held remotely)

EDPB

Thirtieth EDPB Plenary (held remotely)

The CNIL

The right to be forgotten FAQs

Sweedish DPA

Swedish DPA imposes a €7 administrative fine on Google

IAPP

Swedish DPA fines Google in RTBF case

FRA

Survey into Europeans views about online personal data

Open Rights Group

Submission to ICO for consultation on Right of Access Guidance

FTI Consulting

Study shows corporates are changing their views on privacy investment

ICO

Statement: Insolvency practitioners are to be responsible when dealing with personal data

ICO

Statement on data protection and Brexit implementation – what you need to do

Infosecurity Magazine

Sports retailer leaks 123M records

ZDNet

Smart speakers accidentally record you up to 19 times per day

ICO

Six data protection steps for businesses

IAPP

Seeking clarity on the role of the DPO

11KBW Panopticon Blog

Section 166 DPA18 complaint

Inside Privacy

Scope of GDPR Right of Access Decided by Dutch Court

Inside Privacy

Review of online targeting by the Centre for Data Ethics and Innovation

The Guardian

Review finds Cabinet Office risks additional data breaches

EDPS

Result of investigation into use of Microsoft solutions by EU institutions

CIPL

Report examines organisational accountability

DLA Piper

Report - GDPR Data Breach Survey 2020

Cisco

REPORT - Cisco Data Privacy Benchmark Study 2020

IAPP

Reconciling US export control law and Swedish privacy law

The Guardian

Private companies tracking council web visitors on benefits and disability

IAPP

Privacy professionals play an essential role in preventing discrimination

IAPP

Privacy in the Wake of COVID-19: Report

ICO

Privacy considerations when combatting COVID-19 with personal data

Open Rights Group

Privacy concerns of the immigration sector

IAPP

Preparing for Brexit: Are privacy pros ready?

EDPB

Post-Brexit adequacy agreement at risk due to UK-US data deal

Open Rights Group

Political accountability more important than ever

The Times

Police in Scotland agree to share data on dangerous offenders

Infosecurity Magazine

Physical data destruction vital

Express & Star

Parish council pays resident £2500 for posting his details on Facebook

BBC News

Organisers of RideLondon apologise following data breach

Infosecurity Magazine

Ordnance Survey Data Breach

TechCrunch

Oracle BlueKai: Web-tracking data spilled online

Forbrukerrådet

Online Advertising Out of Control

NOYB

NOYB alleges Google tracking violates GDPR

NHSX

NHSX contract-tracing DPIA

ICO

NHSX contact tracing statement plus Google & Apple initiative opinion

UK Government

NHS to use data to target Covid-19 hot spots

The Guardian

NHS medical records accessed by drugs companies

The Guardian

NHS in dispute with Apple and Google over contact-tracing

UKAuthority

NHS Digital expands vulnerable children data sharing system

The Guardian

New year honours recipients exposed by Government

IAPP

New working group aims to tackle adtech

EDPB

New EDPB COVID-19 outbreak data protection statement

Royal College of Policing

New Code of Practice for Law Enforcement Data Service

BBC News

Network Rail wi-fi provider data breach

Infosecurity Magazine

Nearly 1300 Devices Lost by London Councils in Three Years

11KBW Panopticon Blog

Morrisons wins in the Supreme Court

Reuters

Mobile operators sharing data in Europe to coronavirus virus

The Telegraph

Microsoft’s Satya Nadella says Data Privacy is a ‘Human Right’

The Telegraph

Microsoft’s defends centralised NHS data centre amid privacy concerns

IAPP

Microsoft launches open-source privacy mapping tool

ZDNet

Microsoft agrees not to "use your data for advertising or profiling"

The Times

Met Police remove almost 1,000 names from gangs matrix

EDPB

Member State Enforcement News

Reuters

Max Schrems files compliant with German DPA against Amazon

Infosecurity Magazine

Marriott discovers new data breach affecting 5.2m guests

EDPB

March EDPB Plenary Cancelled

IAPP

Managing data breaches in the cloud

Open Rights Group

Listen to your members over data rights

IAPP

Leverage your privacy program to manage brand reputation risks

DLA Piper

Leaked Whitepaper - AI Regulation and Data Protection in the EU

BBC News

Keir Starmer campaign team accused of data breach

Privacy Affairs

Keep track of GDPR fines and statistics

BBC News

Just Park data breach affects thousands

European Commission

Jourová, Reynders release joint statement ahead of Data Privacy Day

EU Commission

Joint statement ahead of GDPR 2nd anniversary

Herbert Smith Freehills

Japan grants UK adequacy status post-Brexit

IAPP

Is my dataset anonymized? A primer

Independent.ie

Irish DPC seeks EU opinions on Zoom's privacy failings

Irish DPC

Irish DPC releases security guidance for controllers

EURACTIV

Irish DPC receives criticism over the handling of Facebook case

Reuters

Irish DPC reaches preliminary decision in Twitter investigation

Irish DPC

Irish DPC publishes annual report

Irish DPC

Irish DPC publishes 2018 to 2020 GDPR regulatory activities report

TechCrunch

Irish DPC probes Apple after complaint

IAPP

Irish DPC discusses role of DPO at RSA

Politico

Irish Data Protection Commission under pressure to act

The Register

Interserve data breach affects 100,000 employees

11KBW Panopticon Blog

International Data Transfers: There is Life in Standard Clauses Yet

Sidley

Information Commissioner delays British Airways and Marriott GDPR Fines

ZDNet

Incident response time down thanks to GDPR

Linklaters

In GDPR vs US discovery, non-US entities can’t avoid discovery

Open Rights Group

Immigration Bill means more surveillance for EU migrants

Digiday

ICO warns Adtech again

ICO

ICO Statement about COVID-19 and mobile phone tracking

ICO

ICO Statement - approved certification schemes

ICO

ICO Sandbox after six: blending privacy with innovation

ICO

ICO reveiwing NHSX contract tracing app DPIA

ICO

ICO publishes findings on mobile phone extraction by police

ICO

ICO publish Code of Practice to protect children’s privacy online

ICO

ICO outlines new data protection priorities during COVID-19 and beyond

ICO

ICO Monetary Penalty - London pharmacy fined £275K

ICO

ICO launches consultation on draft direct marketing code of practice

Pinsent Masons

ICO issues guidance on explaining AI decisions

ICO

ICO issues COVID-19 workplace testing guidelines

ICO

ICO guidance to businesses collecting personal data for contact tracing

ICO

ICO Blog: Adtech - the reform of real-time bidding has begun and is set to continue

UK Government

ICO and SCC issue updated DPIA guidelines for surveillance cameras

ICO

ICO accepts proposals for GDPR Codes of Conduct and Certification

IAPP

How to use 2020 to improve your incident response

IAPP

How to operationalise privacy by design

IAPP

How to manage privacy risk under both the GDPR and CCPA

IAPP

How to make your GDPR and CCPA data-management operational

IAPP

How to ensure you appoint an independent DPO

IAPP

How to build a 'culture of privacy'

ICO

How the ICO plans to regulate during coronavirus

The Register

Housing association data breach

Infosecurity Magazine

Hong Kong inspired by GDPR as it looks to strengthen privacy laws

Infosecurity Magazine

Home Office breached GDPR 100 times

VZBV

High court in Berlin upholds GDPR complaints against Facebook

BBC News

HIA investigation reveals data breach as a 'procedural error'

Politico

Head of Hamburg's DPA calls for review of GDPR enforcement process

IAPP

Hamburg DPA 'took the hard line' in fining Facebook for GDPR violation

IAPP

Guidance for a cloud migration PIA

BBC News

Grandma ordered to remove Facebook photos under GDPR

Global Privacy Assembly

GPA publish latest newsletter

The Register

Government not currently planning to share UK patient data

Reuters

Google set to downgrade UK users privacy protections

Bloomberg

Google RTBF fine overturned by French court

BBC News

Gloucestershire Council staff leave after series of data breaches

IAPP

Global pandemic incites concerns about data-sharing overreach

Reuters

Germany preparing to launch Singapore-style coronavirus app

Pincent Masons

Germany calls for stronger GDPR rules for software developers

Inside Privacy

German Supervisory Authority publish new processor standard clauses

EURACTIV

German Federal Court tells Facebook to stop cross-platform data sharing

IAPP

German DPA calls for new EU authority

Reuters

German court refers Facebook privacy case to CJEU

IAPP

GDPR’s second anniversary: A cause for celebration — and concern

IAPP

GDPR’s interplay with the pharmacovigilance sector

IAPP

GDPR ushers in civil litigation claims across the EU

Wall Street Journal

GDPR Probes to Go After AI and Sophisticated Technology

IAPP

GDPR enforcement amid COVID-19: Will DPAs be 'strong' enough?

DLA Piper

GDPR collaboration between member state to become more transparent

Pincent Masons

GDPR accountability principle integral to UK direct marketing code

Privacy & Information Security Law Blog

French DPA endorses ISO 27701 certification

Reuters

French court upholds €50 million Google data breach fine

Chronicle of Data Protection

French court rules against schools use of facial recognition

NOYB

Free resource on GDPR Decisions and Information

Privacy & Information Security Law Blog

France CNIL publishes 2019 activity report

Infosecurity Magazine

FCA confirms data breach

European Commission

FAQs on the UK's withdrawal from the EU

EURACTIV

Facial recognition technology breaches GDPR

Infosecurity Magazine

Expect further delays to BA and Marriott data breach fines

Reuters

European Union agrees deal on class action lawsuits

Politico

European regulator concerned by over lack of enforcement ‘We have a huge problem’

Chronicle of Data Protection

European DPAs’ different views on COVID-19 and data protection

EU Commission

European Commission asks for comments on GDPR review road map

European Commission

European Commission announce Data and Artificial Intelligence strategy

IAPP

Europe aims to take global lead with strategies on AI, data

Reuters

EU tells Facebook, we make the rules

EU Commission

EU sends draft Brexit treaty to UK

EU Commission

EU roadmap towards lifting of containment measures

European Parliament

EU requires data protection guarantees before exchanging fingerprints

IAPP

EU representative on 'How to operationalize Article 27' of the GDPR

Reuters

EU report reveals Ireland and Luxembourg DPAs need more support

IAPP

EU Parliament debates whether California can be considered 'adequate' on its own?

Reuters

EU expects Data protection to be part of post-Brexit agreement

Bloomberg

EU considering clampdown on digital assistants

Bloomberg

EU & US Regulators Target Children’s Privacy & Big Tech

IAPP

ePrivacy proposal critics: Legitimate interest provisions not legitimate

The Register

Entire travel itineraries stolen in EasyJet data breach

IAPP

Embedding data ethics into your ‘culture of privacy’

EDPS

EDPS to hold web-tracking panel

EDPS

EDPS strategy can adapt for a world that's changed

EDPS

EDPS Strategy 2020 to 2024

EDPS

EDPS releases opinion on European data strategy

EDPS

EDPS releases its opinion on the negotiations for a new UK partnership

EDPS

EDPS publishes 2019 annual report

EDPS

EDPS inquiry into 2019 European Parliament election activities closed

EDPS

EDPS discuss challenges and opportunities surrounding AI and Facial Recognition

EDPS

EDPS delivers its opinion on data protection for scientific research

Reuters

EDPB warns of privacy risks in Google, Fitbit merger

EDPB

EDPB publishes GDPR one-stop-shop registry

EDPB

EDPB publishes GDPR implementation review

EDPB

EDPB Plenary Session 18

EDPB

EDPB Plenary Session 17

EDPB

EDPB outlines development of GDPR data subject right guidance

EDPB

EDPB Chair issues statement about COVID-19 outbreak

EDPB

EDPB board to conduct remote meetings weekly

IAPP

EC calls for harmonisation, addresses data transfers in GDPR review

Reuters

easyJet data breach affects 9m customers

Inside Privacy

Dutch supervisory authority to investigate connected cars

The Guardian

Draft government memo proposes de-anonymising COVID-19 app data

IAPP

DPOs seek more tools to measure job efficacy, progress

Irish DPC

DPC Report on the use of cookies and tracking technologies

Reuters

DPC prepares draft decisions in first two big tech inquiries

TechCrunch

DPC launches new probe into Tinder

Reuters

DPC launches new probe into Google’s processing of location data

IAPP

DPAs talk priorities at IAPP Europe DPI: France

IAPP

Do we need something similar to Incoterms for data transfers?

Inside Privacy

Digital Health Resolution Endorsed by European Parliament

IAPP

Developing digitised solutions for customers? Here's what to think about

ICO

Data protection expectations on contact tracing app development

ICO

Data Protection Day 2020

ICO

Data protection and coronavirus

Adweek

Data ethics becoming more important for marketing

Autoriteit Persoonsgegevens (Dutch DPA)

Data breach reports rise 29% in 2019

The Register

Data breach at Sheffield City Council leaks 8.6m records

Politico

Data breach at European Parliament exposes 1,200 officials details

Chronicle of Data Protection

Customer communications during the coronavirus

IAPP

Croatian Presidency tempers expectations on ePrivacy progress

IAPP

COVID-19 response and data protection law in the EU and US

COVID-19 Round-up

COVID-19 privacy news (w/e 9th April)

COVID-19 Round-up

COVID-19 privacy news (w/e 7th May)

COVID-19 Round-up

COVID-19 privacy news (w/e 5th June)

COVID-19 Round-up

COVID-19 privacy news (w/e 3rd July)

COVID-19 Round-up

COVID-19 privacy news (w/e 29th May)

COVID-19 Round-up

COVID-19 privacy news (w/e 26th June)

COVID-19 Round-up

COVID-19 privacy news (w/e 24th April)

COVID-19 Round-up

COVID-19 privacy news (w/e 22nd May)

COVID-19 Round-up

COVID-19 privacy news (w/e 1st May)

COVID-19 Round-up

COVID-19 privacy news (w/e 19th June)

COVID-19 Round-up

COVID-19 privacy news (w/e 17th April)

COVID-19 Round-up

COVID-19 privacy news (w/e 15th May)

COVID-19 Round-up

COVID-19 privacy news (w/e 12th June)

COVID-19 Round-up

COVID-19 privacy news

Open Rights Group

COVID-19 impact our privacy but not our right to know

Chronicle of Data Protection

COVID-19 checklist for IT service provider contracts

ICO

COVID-19 and data protection information for community groups

DLA Piper

Contact-tracing requirements for businesses

IAPP

Compare the Indian Personal Data Protection Bill 2019 v GDPR

CIO Dive

Companies fear privacy compliance is unsustainable

IAPP

CJEUs Schrems II decision scheduled for 16th July

Privacy & Information Security Law Blog

CIPL offers opinion on GDPR review

Chromium Blog

Chrome to phase out third-party cookies in response to user demand for greater privacy

The Register

Chrome can track you across Google sites using per-install ID numbers

IAPP

Brussels Court of Appeal overrules first DPA fine to a private company

Brave

Brave files formal GDPR complaint against Google

TechCrunch

Brave criticises European Commission for shortage of GDPR resourcing

ICO

Blog: Don’t get caught out when it comes to pupil photos

The Times

Betting companies access data for 28m children

Inside Privacy

Belgian SA publishes 2019 activity report

DLA Piper

Belgian DPA reveals 5-year plan

Privacy & Information Security Law Blog

Belgian DPA Releases Direct Marketing Recommendation

Privacy & Information Security Law Blog

Belgian DPA issues fine over DPO appointment GDPR breach

The Guardian

Babylon Health GP app data breach

MLex 

BA and Marriott expect lower fine and more time from UK ICO

Reuters

Avast to close down Jumpshot after data scandal

IAPP

Are IP addresses personal information?

EDPB

April EDPB Plenary Cancelled

Digiday

Apple’s new privacy features have bigger impact on location-based ads

Vice

Antivirus collecting and selling browsing data of millions

IAPP

Aggregated data provides a false sense of security

TechCrunch

Adtech industry breathes a sigh of relief as ICO pauses RTB investigation

Irish DPC

Accountability through codes of conduct and certification

11KBW Panopticon Blog

Accessing information via the Disclosure and Barring Service

IAPP

Absent guidelines, many questions on facilitating SARs

11KBW Panopticon Blog

A review of the law involving Coronavirus

EDPS

A quick-guide to necessity and proportionality

IAPP

A lawyer’s guide to pseudonymisation and anonymisation

Infosecurity Magazine

9 in 10 data breach incidents in UK caused by human error

Infosecurity Magazine

8m shoppers details leaked

The Register

60 ICO cases halted by Tribunal

IAPP

5G to raise privacy challenges and opportunities

IAPP

5 business impacts from the advocate general’s opinion on Schrems 2.0

IAPP

4 GDPR-certification myths dispelled

IAPP

3 reasons why Europe's connected vehicle guidelines matter

Open Rights Group

3 main political parties deny scale of personal data use

IAPP

2020 and data protection: Not only COVID-19

EDPB

2019 EDPB annual report

The Register

118 118 Money data breach

IAPP

11 drafting flaws to address in the upcoming GDPR review

GDPR Training | Certified and Bespoke Courses Available

Find out more

COVID-19: FLEXIBLE, LIVE ONLINE BCS & IAPP TRAINING NOW AVAILABLE - PLEASE CONTACT FOR DETAILS