‘An NHS software provider has been fined £3m by the Information Commissioner’s Office (ICO) over security failings that led to a ransomware attack on the NHS.’
BBC News, 27th March 2025
Source: www.bbc.co.uk
‘A roundup of football law news and decisions from January and February 2025.’
Football Law, 10th March 2025
Source: www.footballlaw.co.uk
‘Apple’s appeal against a UK government demand to be able to access its customers’ most highly encrypted data is set to be considered at a secret hearing at the High Court on Friday, the BBC understands.’
BBC News, 12th March 2025
Source: www.bbc.co.uk
‘Earlier last month, The Washington Post reported that Apple, a technology company known for emphasizing privacy as one of its key selling points, had been ordered by the U.K. government to create a back door that would enable the retrieval of all content uploaded by any Apple user worldwide to iCloud. iCloud is a cloud storage service that is encrypted by default, and its users may also opt in to the use of end-to-end encryption, an additional layer of security ensuring that only the user (and not even Apple) can access the stored data.’
UK Constitutional Law Association, 13th March 2025
Source: ukconstitutionallaw.org
‘Legal controls over development and use of artificial intelligence hit an obstacle this week, as the US and UK refused to back a statement in support of AI regulation signed by 60 other countries.’
Law Society's Gazette, 18th February 2025
Source: www.lawgazette.co.uk
‘Section 179 of the Data Protection Act (DPA) 2018 places the Secretary of State under a duty to ensure that a Report is “la[id] before Parliament” on both the “use” and “effectiveness” of “relevant alternative dispute resolution procedures” in cases involving actual or alleged failures by media organisations, other than broadcasters, “to comply with the data protection legislation”. Such a duty applies at the end of a repeating three-year period. The procedures to be reported on are those provided by “persons who produce or enforce codes of practice” for such media organisations and are “alternative” in the sense of being extra-judicial. This duty was proposed after the Independent Press Standards Organisation (IPSO) – the principal self-regulator of the Press – stated (following Government pressure) that it would introduce a ‘compulsory’ arbitration procedure covering data protection.’
UK Constitutional Law Association, 12th February 2025
Source: ukconstitutionallaw.org
‘3PB’s specialist commercial, public and information law barrister Mariya Peykova has written an article titled “Online dating platforms and the law: can you afford to swipe right for love?”’
3 Paper Buildings, 29th January 2025
Source: www.3pb.co.uk
‘White mail system handles “highly sensitive personal data” and people not told it is processing their information.’
The Guardian, 27th January 2025
Source: www.theguardian.com
‘The Court of Appeal has upheld the striking out a representative action for misuse of private information. The judgment confirms the correct approach to identifying whether all claimants have the necessary ‘same interest’ in order to pursue a representative action. It highlights the risk that stripping back a claim to its lowest common denominator so as to satisfy the ‘same interest’ requirement may result in the pared down claim having no real prospect of success. Indeed, the Court of Appeal concluded that “a representative class claim for misuse of private information is always going to be very difficult to bring”.’
Henderson Chambers, 23rd December 2025
Source: www.hendersonchambers.co.uk
‘Businesses could see material changes to UK data protection laws in 2025 at a time when the compatibility of those laws with equivalent legislation in the EU will be under scrutiny.’
OUT-LAW.com, 7th January 2025
Source: www.pinsentmasons.com
‘2024 was billed to be the year of the first ‘robust and comprehensive’ UK statutory review of the extent of journalism’s compliance with data protection law and good practice, a formal appraisal which was (and is) meant to become a clear ‘part of the media landscape’ as reformed by the Data Protection Act (DPA) 2018 in the wake of the general/first part of the Leveson Inquiry. In sum, the Information Commissioner’s Office (ICO) was obliged to assess and report on the extent of journalistic compliance with data protection law and good practice during the first four years of the new regime (as well as over subsequent five year periods). Reflecting the admittedly very challenging nature of this task, the ICO also gained unprecedented and far-reaching powers (Sch. 17) which enabled it to compel the provision of relevant information with only 24 hours’ notice (para. 2) and even to assess activity on site through assessment notices (para. 3). Unfortunately, as this blog will explicate, the ICO did not use any of these powers or undertake a Review which can be seen as either robust or comprehensive, produced an Outcomes Report which failed to come to any definitive view as to the extent of journalistic compliance and also elected not to proactively publicise its Review Report in any way at the time of its release.’
UK Constitutional Law Association, 17th December 2024
Source: ukconstitutionallaw.org
‘Britain’s data protection regulator has labelled Google as “irresponsible” for allowing advertisers to track customers’ digital “fingerprints”, amid fears even privacy-conscious users will find the online monitoring technique difficult to block.’
The Guardian, 19th December 2024
Source: www.theguardian.com
‘Prismall v Google UK Ltd [2024] EWCA Civ 1516. This was not a class action but a representative action, pursuant to what is now Civil Procedure Rule (CPR) 19.8, for the tort of misuse of private information against the respondents Google UK Limited (Google) and DeepMind Technologies Limited (DeepMind). The action was on behalf of Mr Prismall and a class of persons said to number approximately 1.6 million.’
UK Human Rights Blog, 13th December 2024
Source: ukhumanrightsblog.com
‘The UK’s data protection regulator has asked banks, telecommunications providers and digital platforms to share personal information responsibly to protect their customers from scams and fraud, and clarified that data protection law is not an excuse for failing to do so.’
OUT-LAW.com, 26th November 2024
Source: www.pinsentmasons.com
‘Employers in the UK who use artificial intelligence (AI) tools for recruitment need to pay attention to their data protection obligations and have oversight of the AI provider’s data protection compliance process, a recent report by the UK’s data protection regulator has urged.’
OUT-LAW.com, 19th November 2024
Source: www.pinsentmasons.com
‘A domestic abuse victim said she was left fearing for her life after a company which obtains restraining orders accidentally leaked her home address to her ex-partner.’
The Independent, 5th November 2024
Source: www.independent.co.uk
‘Significant changes to data protection law have been proposed by the UK government, including to rules relevant to the use of AI systems in decision-making processes and to the use of data for the purposes of scientific research, as well as new rules aimed at liberalising data held by public sector organisations and businesses alike.’
OUT-LAW.com, 25th October 2024
Source: www.pinsentmasons.com
‘The Court of Appeal in London has dismissed arguments that the Competition Appeal Tribunal (CAT) erred in law by permitting an “unfair pricing” argument and in its assessment of the “unfair trading conditions” argument.’
OUT-LAW.com, 23rd October 2024
Source: www.pinsentmasons.com
‘Two survivors of the Manchester Arena bombing have won a high court harassment case against a former television producer who claimed the attack had been staged.’
The Guardian, 23rd October 2024
Source: www.theguardian.com
© Inner Temple Library 2025