GDPR, Privacy & Cyber news from around the world as it happens.

What started as an internal knowledge base of news articles to ensure our trainers remain on top of the latest industry developments, is now a free resource for everyone.

3 ways to stay up-to-date

  • Online

    Online

    View the latest news
    online or search the
    archive below

    Get RSS feed
Filter by:
  • Data Protection
  • Security
  • Audience
  • Publisher
Sort by:
Hide advanced filters

Infosecurity Magazine

Zooms privacy and security problems deepen

Vice

Zoom facing lawsuit for sharing data with Facebook

The Verge

Zoom announces focus on fixing privacy and security issues

ghacks.net

You can now disable Microsoft Windows 10 Enterprise diagnostic data

EDPS

Wojciech Wiewiórowski calls for EU digital solidarity against COVID-19

IAPP

With the CCPA now in effect, will other states follow?

IAPP

Will complying with India's privacy law mean violating GDPR?

IAPP

Why this risk management best practice is not fit for digital innovation

The Register

Who's responsible for data protection compliance in the cloud?

IAPP

White Paper – 2020 Global Legislative Predictions

The Hill

What we've learned about the cost of the CCPA so far

Chronicle of Data Protection

What is the Future of UK Data Protection?

IAPP

What is and what isn't subject to a DPIA under GDPR? An update

The Guardian

Virgin Media leaked data included adult site requests

The Guardian

Virgin Media data breach

Infosecurity Magazine

Virgin Media could face hefty compensation costs over data breach

The Guardian

Use of facial recognition causes anger at south Wales football derby

The Guardian

Use of Facial recognition at South Wales derby 'a step too far'

The Register

United Nations admits serious data breach

HM Government

UK outlines plans for data adequacy EU negotiations

UK Government

UK outlines framework for adequacy discussions

The Guardian

UK may lose access to EU data after a series of scandals

Sky News

UK Government O2 location data to tackle coronavirus outbreak

Matt Hancock on Twitter

UK Gov: Coronavirus response exempt from GDPR

The Guardian

UK broke the law cooperating with US over two alleged Isis killers

EDPB

Twentieth EDPB Plenary (held remotely)

ICO

Trust, technology and slippers with torches

Reuters

Total Fines for European privacy breaches stands at €114m (£97.3m)

Gizmondo

Tinder new safety feature shares user data

Infosecurity Magazine

Thousands of Baby Photos and Videos Leaked Online

The CNIL

The right to be forgotten FAQs

11KBW Panopticon Blog

The Court of Justice of the European Union is always watching

Sweedish DPA

Swedish DPA imposes a €7 administrative fine on Google

IAPP

Swedish DPA fines Google in RTBF case

Vice

Surveillance Cameras Uncover New Insights Into Human Behavior

11KBW Panopticon Blog

Supreme court ruling on international data transfers

Open Rights Group

Submission to ICO for consultation on Right of Access Guidance

FTI Consulting

Study shows corporates are changing their views on privacy investment

ICO

Statement: Insolvency practitioners are to be responsible when dealing with personal data

ICO

Statement on data protection and Brexit implementation – what you need to do

Express & Star

Staffordshire Police accused of making secret requests to NHS over mental health of complainants

Infosecurity Magazine

Sports retailer leaks 123M records

ZDNet

Smart speakers accidentally record you up to 19 times per day

IAPP

Seeking clarity on the role of the DPO

11KBW Panopticon Blog

Section 166 DPA18 complaint

Scottish Government

Scottish Parliament backs oversight of police use of biometric data

Inside Privacy

Scope of GDPR Right of Access Decided by Dutch Court

Inside Privacy

Review of online targeting by the Centre for Data Ethics and Innovation

11KBW Panopticon Blog

Representative action withdrawn in Atkinson v Equifax

DLA Piper

Report - GDPR Data Breach Survey 2020

Cisco

REPORT - Cisco Data Privacy Benchmark Study 2020

IAPP

Reconciling US export control law and Swedish privacy law

Open Rights Group

Public kept in the dark over data-driven political campaigning

Cherwell

Professor linked to Cambridge Analytica scandal

The Guardian

Private companies tracking council web visitors on benefits and disability

IAPP

Preparing for Brexit: Are privacy pros ready?

Reuters

Pope, tech companies, call for facial recognition regulation

Open Rights Group

Political accountability more important than ever

The Times

Police in Scotland agree to share data on dangerous offenders

Infosecurity Magazine

Physical data destruction vital

BBC News

Organisers of RideLondon apologise following data breach

Infosecurity Magazine

Ordnance Survey Data Breach

11KBW Panopticon Blog

Oral processing under DPA98

Digiday

Online advertising suffering from an ‘identity crisis’ at annual IAB meeting

Forbrukerrådet

Online Advertising Out of Control

UK Government

NHS to use data to target Covid-19 hot spots

The Guardian

NHS medical records accessed by drugs companies

The Guardian

New year honours recipients exposed by Government

IAPP

New working group aims to tackle adtech

EDPB

New EDPB COVID-19 outbreak data protection statement

Inside Privacy

New Draft CCPA Regulations Released

The Guardian

New Cambridge Analytica leak - Data Targeting Out Of Control

BBC News

Network Rail wi-fi provider data breach

Infosecurity Magazine

Nearly 1300 Devices Lost by London Councils in Three Years

11KBW Panopticon Blog

Morrisons wins in the Supreme Court

Reuters

Mobile operators sharing data in Europe to coronavirus virus

The Telegraph

Microsoft’s Satya Nadella says Data Privacy is a ‘Human Right’

The Telegraph

Microsoft’s defends centralised NHS data centre amid privacy concerns

IAPP

Microsoft launches open-source privacy mapping tool

ZDNet

Microsoft agrees not to "use your data for advertising or profiling"

The Guardian

Met Police remove hundreds of names from gangs matrix

EDPB

Member State Enforcement News

Reuters

Max Schrems files compliant with German DPA against Amazon

EU Observer

Mass surveillance still possible under EU-US privacy shield

Infosecurity Magazine

Marriott discovers new data breach affecting 5.2m guests

EDPB

March EDPB Plenary Cancelled

IAPP

Managing data breaches in the cloud

Open Rights Group

Letter to MPs - Government, Must Pledge to Uphold Data Privacy

11KBW Panopticon Blog

Leave.EU PECR appeals dismissed by tribunal

DLA Piper

Leaked Whitepaper - AI Regulation and Data Protection in the EU

Infosecurity Magazine

Leaked Trade Report Details Outline UK-US Data Transfer Plans

BBC News

Keir Starmer campaign team accused of data breach

Privacy Affairs

Keep track of GDPR fines and statistics

BBC News

Just Park data breach affects thousands

European Commission

Jourová, Reynders release joint statement ahead of Data Privacy Day

Herbert Smith Freehills

Japan grants UK adequacy status post-Brexit

EY

ISO 27701 a framework for ongoing GDPR compliance

IAPP

Is my dataset anonymized? A primer

Irish DPC

Irish DPC releases security guidance for controllers

Irish DPC

Irish DPC publishes annual report

IAPP

Irish DPC discusses role of DPO at RSA

11KBW Panopticon Blog

International Data Transfers: There is Life in Standard Clauses Yet

Sidley

Information Commissioner delays British Airways and Marriott GDPR Fines

ZDNet

Incident response time down thanks to GDPR

Linklaters

In GDPR vs US discovery, non-US entities can’t avoid discovery

Digiday

ICO warns Adtech again

ICO

ICO statement on Metropolitan Police Service facial recognition announcement

ICO

ICO Statement about COVID-19 and mobile phone tracking

ICO

ICO Statement - approved certification schemes

ICO

ICO Sandbox after six: blending privacy with innovation

ICO

ICO publish Code of Practice to protect children’s privacy online

ICO

ICO opens applications to 3rd annual Practitioner Award for Excellence in Data Protection

ICO

ICO Monetary Penalty - DSG (Dixons) Retail fined £500k

ICO

ICO fines Scottish Company £500k

ICO

ICO fines Cathay Pacific £500k

ICO

ICO consults providers of online services accessed by children

ICO

ICO Blog: Adtech - the reform of real-time bidding has begun and is set to continue

UK Government

ICO and SCC issue updated DPIA guidelines for surveillance cameras

ICO

ICO and Australian Information Commissioner sign MoU

ICO

ICO accepts proposals for GDPR Codes of Conduct and Certification

IAPP

How to use 2020 to improve your incident response

IAPP

How to manage privacy risk under both the GDPR and CCPA

IAPP

How to make your GDPR and CCPA data-management operational

IAPP

How to build a 'culture of privacy'

The Register

Housing association data breach

Infosecurity Magazine

Hong Kong inspired by GDPR as it looks to strengthen privacy laws

Infosecurity Magazine

Home Office breached GDPR 100 times

VZBV

High court in Berlin upholds GDPR complaints against Facebook

IAPP

Hamburg DPA 'took the hard line' in fining Facebook for GDPR violation

The Register

Hacker spared prison after Police find almost 9,000 cardiac images

IAPP

Guidance for a cloud migration PIA

The Register

Government not currently planning to share UK patient data

MediaPost

Google+ Agrees $7.5 Million Settlement for Data Breach

Reuters

Google set to downgrade UK users privacy protections

Bloomberg

Google RTBF fine overturned by French court

IAPP

Global pandemic incites concerns about data-sharing overreach

Reuters

Germany preparing to launch Singapore-style coronavirus app

Pincent Masons

Germany calls for stronger GDPR rules for software developers

IAPP

German DPA calls for new EU authority

IAPP

GDPR’s interplay with the pharmacovigilance sector

IAPP

GDPR ushers in civil litigation claims across the EU

Wall Street Journal

GDPR Probes to Go After AI and Sophisticated Technology

Pincent Masons

GDPR accountability principle integral to UK direct marketing code

Federal Trade Commission

FTC approves settlement over Privacy Shield misrepresentation

Privacy & Information Security Law Blog

French DPA endorses ISO 27701 certification

NOYB

Free resource on GDPR Decisions and Information

Politico

Firms are interpreting California’s privacy law as they see fit

Infosecurity Magazine

FCA confirms data breach

European Commission

FAQs on the UK's withdrawal from the EU

EURACTIV

Facial recognition technology breaches GDPR

Reuters

Europeans should have control of their B-to-B data

Politico

European regulator concerned by over lack of enforcement ‘We have a huge problem’

Inside Privacy

European Parliament Committee Approves AI Resolution

Chronicle of Data Protection

European DPAs’ different views on COVID-19 and data protection

EU Commission

European Commission asks for comments on GDPR review road map

European Commission

European Commission announce Data and Artificial Intelligence strategy

IAPP

Europe aims to take global lead with strategies on AI, data

Reuters

EU to consider a five-year ban on facial recognition technology in public spaces

Reuters

EU tells Facebook, we make the rules

EU Commission

EU sends draft Brexit treaty to UK

IAPP

EU representative on 'How to operationalize Article 27' of the GDPR

The Intercept_

EU Police planning network of live facial recognition databases

IAPP

EU Parliament debates whether California can be considered 'adequate' on its own?

Reuters

EU expects Data protection to be part of post-Brexit agreement

Reuters

EU data privacy laws should apply in national security cases

European Parliament

EU Council to make ePrivacy presentation to Parliament

Bloomberg

EU considering clampdown on digital assistants

Bloomberg

EU & US Regulators Target Children’s Privacy & Big Tech

IAPP

ePrivacy proposal critics: Legitimate interest provisions not legitimate

Chronicle of Data Protection

ePrivacy Applies to Government Access to Communications Data - Brexit implications

EDPS

EDPS to hold web-tracking panel

EDPS

EDPS strategy can adapt for a world that's changed

EDPS

EDPS releases its opinion on the negotiations for a new UK partnership

EDPS

EDPS publishes 2019 annual report

EDPS

EDPS inquiry into 2019 European Parliament election activities closed

EDPS

EDPS discusses AI governance and supervision

EDPS

EDPS discuss challenges and opportunities surrounding AI and Facial Recognition

Reuters

EDPB warns of privacy risks in Google, Fitbit merger

EDPB

EDPB publishes GDPR implementation review

EDPB

EDPB Plenary Session 18

EDPB

EDPB Plenary Session 17

EDPB

EDPB outlines development of GDPR data subject right guidance

EDPB

EDPB Chair issues statement about COVID-19 outbreak

EDPB

EDPB board to conduct remote meetings weekly

Inside Privacy

Dutch supervisory authority to investigate connected cars

IAPP

DPOs seek more tools to measure job efficacy, progress

Irish DPC

DPC Report on the use of cookies and tracking technologies

Reuters

DPC prepares draft decisions in first two big tech inquiries

TechCrunch

DPC launches new probe into Tinder

Reuters

DPC launches new probe into Google’s processing of location data

IAPP

DPAs talk priorities at IAPP Europe DPI: France

IAPP

Do we need something similar to Incoterms for data transfers?

Inside Privacy

Digital Health Resolution Endorsed by European Parliament

Chronicle of Data Protection

Deadline Looming for California’s Data Broker Registration

11KBW Panopticon Blog

Dawson-Damer v Taylor Wessing LLP part 4

Infosecurity Magazine

Date breach at Estée Lauder exposes 440 million records

IAPP

Data review boards a promising tool to improve decision-making

ICO

Data Protection Day 2020

ICO

Data protection and coronavirus

Autoriteit Persoonsgegevens (Dutch DPA)

Data breach reports rise 29% in 2019

Chronicle of Data Protection

Customer communications during the coronavirus

IAPP

Croatian Presidency tempers expectations on ePrivacy progress

EU Council

Croatian presidency releases latest ePrivacy draft

EU Council

Croatian Presidency releases ePrivacy draft proposal

IAPP

COVID-19 response and data protection law in the EU and US

COVID-19 Round-up

COVID-19 privacy news (w/e 9th April)

COVID-19 Round-up

COVID-19 privacy news

Open Rights Group

COVID-19 impact our privacy but not our right to know

IAPP

COVID-19 Guidance and Resources

ICO

COVID-19 and data protection information for community groups

Infosecurity Magazine

Convicted iCloud voyeur from Suffolk

The Guardian

Computer Misuse Act in urgent need of reform

IAPP

Compare the Indian Personal Data Protection Bill 2019 v GDPR

CIO Dive

Companies fear privacy compliance is unsustainable

BuzzFeed News

Clearview AI sister company developing surveillance camera

The Register

Chrome can track you across Google sites using per-install ID numbers

Open Rights Group

Can Ad-Tech become an ethical industry?

IAPP

California AG's office: No delay on CCPA enforcement amid COVID-19

IAPP

Brussels Court of Appeal overrules first DPA fine to a private company

The Hill

Brazil fines Facebook R$6.6M over Cambridge Analytica

Brave

Brave files formal GDPR complaint against Google

ICO

Blog: Don’t get caught out when it comes to pupil photos

The Times

Betting companies access data for 28m children

DLA Piper

Belgian DPA reveals 5-year plan

Privacy & Information Security Law Blog

Belgian DPA Releases Direct Marketing Recommendation

MLex 

BA and Marriott expect lower fine and more time from UK ICO

Reuters

Avast to close down Jumpshot after data scandal

Reuters

Australian privacy regulator sues Facebook over alleged privacy breach

EDPB

April EDPB Plenary Cancelled

Vice

Antivirus collecting and selling browsing data of millions

IAPP

Analysis of Cabinet of Japan's approved bill to amend APPI

IAPP

Analysing the second set of modifications to draft CCPA regulations

EFF

Amazon Ring passes personal data to third-parties

Irish DPC

Accountability through codes of conduct and certification

11KBW Panopticon Blog

Accessing information via the Disclosure and Barring Service

IAPP

Accelerating AI with synthetic data

IAPP

Absent guidelines, many questions on facilitating SARs

11KBW Panopticon Blog

A review of the law involving Coronavirus

EDPS

A quick-guide to necessity and proportionality

IAPP

A brief history of Data Privacy Day

Infosecurity Magazine

9 in 10 data breach incidents in UK caused by human error

Infosecurity Magazine

8m shoppers details leaked

IAPP

5 business impacts from the advocate general’s opinion on Schrems 2.0

Ad Exchanger

5 adtech pros discuss how privacy can change the industry in 2020

IAPP

4 GDPR-certification myths dispelled

Open Rights Group

3 main political parties deny scale of personal data use

The Register

118 118 Money data breach

IAPP

11 drafting flaws to address in the upcoming GDPR review

GDPR Training | Certified and Bespoke Courses Available

Find out more