After our recent podcast episode on privacy and tech laws in Latin America, two of the guests, Bárbara Lazarotto and Luz Orozco, stayed behind to share some additional insights with the host, Mauricio Figueroa. Bárbara Lazarotto Can you share a bit of the work you do at the Brussels Privacy Hub? What is like day-to-day and…
UK law Investigatory Powers Act 2016 codes of practice published Various codes of practice under the Investigatory Powers Act 2016 have been published. The codes of practice set out processes and safeguards for several investigatory powers. CMA consults on releasing Google from Privacy Sandbox commitments The Competition and Markets Authority is consulting on releasing Google…
The ICO has fined genetic testing company 23andMe £2.31 million for failing to implement appropriate security measures to protect the personal information of UK users, following a large-scale cyber-attack in 2023. The penalty follows a joint investigation conducted by the ICO and the Office of the Privacy Commissioner of Canada. Between April and September 2023,…
Read More… from 23andMe fined £2.31 million for failing to protect UK users’ genetic data
Camilo Artiga-Purcell, General Counsel at Kiteworks, identifies some of the ever-increasing risks and potential consequences of rushing to use AI in legal practice Picture a partner at a leading UK law firm, racing to finalise a high-stakes merger. With a deadline looming, they turn to a free online AI tool, uploading sensitive deal documents for…
Read More… from AI Data Leaks & Shadow AI: The Legal Minefield Facing UK Organisations in 2025
The Online Safety Act 2023 established the basis for creation of an online safety super-complaints regime. The process will allow for complaints about systemic issues (features or conduct of regulated services) to be raised with the regulator where those issues are, appear to be, or present a material risk of: For the online safety super-complaints…
Read More… from Super-complaints regime for online safety due to come into force on 31 December 2025
UK law Data (Use and Access) Bill finally passes through Parliament and heads for Royal of Assent The Data (Use and Access) Bill finally completed its passage through the UK parliament on 11 June 2025. It was the third attemot at data protection reform in the UK and this final attempt was subject to a…
Ofcom has opened formal investigations into online discussion board 4chan and seven file-sharing services – Im.ge, Krakenfiles, Nippybox, Nippydrive, Nippyshare, Nippyspace and Yolobit. Ofcom has not received responses to its statutory information requests, to which services are legally required to respond. It also says that it has received complaints about the potential for illegal content…
Read More… from Ofcom opens nine new investigations under Online Safety Act 2023
During its latest plenary, the European Data Protection Board (EDPB) adopted the final version of its guidelines on Article 48 GDPR about data transfers to third country authorities. The EDPB also discussed the European Commission’s request for a joint EDPB-EDPS opinion on the draft proposal on the simplification of record-keeping obligation under the GDPR. Finally,…
UK law CMA consults on draft rules for digital markets competition regime levy The Competition and Markets Authority (CMA) is seeking views on the approach to a levy for the digital markets competition regime and draft strategic market status (SMS) levy rules under Section 110 of the Digital Markets, Competition and Consumers Act 2024. Section…
Amanda Chaboryk, Chris Cartmell, and Stephanie Baker, of PwC, raise some early considerations about the seemingly inevitable spread of agentic AI into legal departments IntroductionArtificial Intelligence (AI) has played an increasingly prominent role within legal, starting as early as the 90’s, when legal databases started incorporating natural language processing to optimise search and retrieval. Leaping…
Read More… from The (Speculative) Rise of AI Agents in Legal