
On 11 June 2025, the UK’s Data (Use and Access) Act 2025 (“DUA Act”) was passed and now awaits Royal Assent.
The government first announced plans for the new DUA Act in the King’s speech back in July 2024. The
The Italian Data Protection Authority (the Garante) has issued its first GDPR fine for, among other breaches, unlawful retention of metadata from employees’ emails and web browsing activities. The decision applies, for the first time, the Garante’s highly discussed guidelines…
The European Commission has published its proposal for a new regulation simplifying the EU General Data Protection Regulation (“GDPR”) requirements for small mid-cap enterprises (“the Proposal”). The Proposal forms part of the European Commission’s Omnibus IV Simplification Package and comes…
In a decision on immaterial damages under Article 82 of the EU General Data Protection Regulation (GDPR), the Higher Regional Court of Dresden, Germany (case number 4 U 940/24), set out important monitoring and auditing obligations of controllers…
On April, 8 2025, the Department of Justice’s final rule, implementing the Biden-era Executive Order 14117 restricting the transfer of Americans’ Sensitive Personal Data and United States Government-Related Data to countries of concern (the “Final Rule”), came into force.…