The Information Commissioner’s Office (‘ICO’) has issued new guidance for public consultation on cross-border transfers of personal data from the UK to third countries without an adequacy decision, replacing the old Standard Contractual Clauses (‘SCCs’) which are currently in use for such transfers.

The guidance has three documents:

  • Guidance on conducting Schrems transfer impact assessment

The UK Information Commissioner’s Office is calling for collaboration with UX and design firms for the implementation of the Age-Appropriate Design Code.

Per the ICO:

“We know that the aims of the design community align with this vision set out in the Children’s Code and can see design practices evolving. Designers are more conscious of

The United Kingdom’s Information Commissioner’s Office published its action plan for 2021.

Areas of focus include:
  • the Age Appropriate Design Code
  • data sharing.
  • data broking,
  • the use of sexual crime victims’ personal information,
  • adtech, including audits focused on digital marketing platforms.
Additional guidance is forthcoming on:
  • political campaigning
  • facial recognition,
  • codes of conduct and certification

Blockchain and data protection: A report issued by the Law Society and Tech London Advocates & Global Tech Advocates highlights the extent of unknowns in a series of questions posed for the UK Information Commissioner’s Office.

  • What does “all means reasonably likely to be used” mean under Recital 26 of the General Data Protection Regulation

The UK’s Information Commissioner Office’s has issued a revised statement on the Schrems II.

“Further work is underway by the European Commission and EDPB to provide more comprehensive guidance on extra measures you may need to take. In the meantime you should take stock of the international transfers you make and react promptly as guidance

The UK Information Commissioners’ Office says government can use personal data from mobile phones to track/fight COVID-19.

“The UK’s privacy watchdog has said the government can legally use personal data from people’s mobile phones to track and monitor behavior if it helps fight the spread of coronavirus.”

“It emerged that the government was in talks

The United Kingdom’s Information Commissioner’s Office has provided it’s guidance on COVID-19 and data privacy.

  • Public health messages are not direct marketing.
  • It’s about being proportionate – if some data processing feels excessive, then it probably is.
  • The ICO is a reasonable and pragmatic regulator… Regarding compliance with data protection, it will take into account