UK UK government tables amendment to Data (Use and Access) Bill to deal with deepfakes The UK government has tabled an amendment to the Data (Use and Access Bill) to deal with deepfakes. The Data (Use and Access) Bill is currently before Parliament. The government’s amendment will criminalise intentionally creating a sexually explicit deepfake without…
During its January 2025 plenary meeting, the European Data Protection Board (EDPB) adopted guidelines on pseudonymisation, as well as a statement on the interplay of competition law and data protection. Pseudonymisation The GDPR refers to the term “pseudonymisation” as a safeguard that may be appropriate and effective to meet data protection obligations. The EDPB has…
Ofcom has published its final guidance on age assurance under the Online Safety Act 2023. It says that robust age checks are a cornerstone of the OSA. It requires services which allow pornography or certain other types of harmful content to introduce “age assurance” to ensure that children are not normally able to encounter it….
Read More… from Ofcom publishes final guidance on age checks to protect children online
The UK government is consulting on proposals to protect hospitals, railways and public services from ransomware attacks. The NCSC managed 430 cyber incidents between September 2023 and August 2024, including 13 ransomware incidents which were deemed to be nationally significant and posed serious harm to essential services or the wider economy. Reporting to the National…
Read More… from UK government consults on proposals to protect businesses from cybercrime
The Court of Justice of the European Union has ruled in Case C‑394/23 Mousse v CNIL and SNCF that asking customers to state their gender title (Mr or Ms) when buying train tickets is not necessary for the contract and may violate GDPR rules, especially the principle of data minimisation. Mousse (a LGTB association) complained…
The ICO has issued updated guidance about the use of storage and access technologies with the primary aim of giving regulatory certainty to organisations. It explains how the Privacy and Electronic Communications Regulations 2003 (as amended) (PECR) and where relevant, data protection law apply when organisations use technologies that store information, or access information stored,…
Read More… from ICO updates guidance on the use of storage and access technologies
The UK government has announced that it intends to crack down on explicit deepfakes. It will introduce new offences covering both creating and sharing deepfake images. This reflects the government’s manifesto commitment to ban the creation of sexually explicit deepfakes as well as recommendations from the Law Commission relating to intimate images. The government will…
Read More… from UK government cracks down on explicit deepfakes
The European Data Protection Board (EDPB) has adopted an opinion about using personal data when developing and deploying AI models. The opinion looks at: It also considers the use of first and third party data. The Irish Data Protection Commission requested the opinion with a view to seeking Europe-wide regulatory harmonisation. Anonymity The opinion says…
Ofcom has published its first-edition codes of practice and guidance on tackling illegal harms, such as terror, hate, fraud, child sexual abuse and assisting or encouraging suicide, under the UK’s Online Safety Act. The Act places new safety duties on social media firms, search engines, messaging, gaming and dating apps, and pornography and file-sharing sites….
Read More… from Ofcom publishes final version of illegal harms guidance under Online Safety Act
The European Commission has opened formal proceedings against TikTok for a suspected breach of the Digital Services Act in relation to TikTok’s obligation to properly assess and mitigate systemic risks linked to election integrity, notably in the context of the recent Romanian presidential elections. The investigation will focus on management of risks to elections or…