Search results
636 results ordered by
EU Data Protection Board guidance on international data transfers
How does the recent guidance issued by the European Data Protection Board (EDPB) assist businesses in complying with the EU GDPR when carrying out international data transfers?
Read moreOpinions aplenty on the European Commission’s draft adequacy decision regarding the EU-US Data Privacy Framework
How have the EU law-making institutions reacted to the draft adequacy decision regarding the EU-US Data Privacy Framework (DPF)?
Read moreItalian Data Protection Authority issues fine for use of dark patterns
How can companies ensure that their websites, apps and other online interfaces comply with regulations restricting the use of dark patterns when collecting consent to the processing of personal data?
Read moreICO’s new draft guidance on “likely to be accessed by children” under the Age Appropriate Design Code
When will an online service fall within the scope of the Age Appropriate Design Code?
Read moreCyber_Bytes - Issue 54
Welcome to Cyber_Bytes, our regular round-up of key developments in cyber, tech and evolving risks.
Read moreCyber_Bytes - Issue 53
Welcome to Cyber_Bytes, our regular round-up of key developments in cyber, tech and evolving risks.
Read moreCyber_Bytes - Issue 52
Welcome to Cyber_Bytes, our regular round-up of key developments in cyber, tech and evolving risks.
Read moreICO publishes guidance on compliance of game design with the Children’s Code
What steps can game designers take to ensure their games comply with the Children’s Code?
Read moreCyber_Bytes - Issue 51
Welcome to Cyber_Bytes, our regular round-up of key developments in cyber, tech and evolving risks.
Read moreCyber_Bytes - Issue 50
Welcome to Cyber_Bytes, our regular round-up of key developments in cyber, tech and evolving risks.
Read moreCloud computing in business: A silver lining?
Cloud computing is a resource that businesses have rapidly adopted as a major step towards completing their digitalisation.
Read moreRPC Law x Web3: Gambling regulations – Don't Play Games of Chance with the Law
This is part of a series of RPC x Web3 articles designed to help Web3 participants and enthusiasts understand their rights in this rapidly evolving space.
Read moreCyber_Bytes - Issue 49
Welcome to Cyber_Bytes, our regular round-up of key developments in cyber, tech and evolving risks.
Read moreThe NIS Regulations to expand to bring outsourced IT providers and managed service providers into scope
The UK's Network and Information Systems ("NIS") Regulations came into force in May 2018 to boost the level of security of network and information systems for the provision of essential services, such as transport, energy, water, health and digital infrastructure ("operators of essential services (OES)"). These Regulations also applied to digital services, such as online marketplaces, online search engines and cloud computing services ("relevant digital service providers (RDSPs)").
Read moreCyber_Bytes - Issue 48
Welcome to Cyber_Bytes, our regular round-up of key developments in cyber, tech and evolving risks.
Read moreRPC Law x Web3: If There's Something Strange in the Web3 World, Who You Gonna Call?
"And the way we win is by creating a new, democratic, decentralised internet, one where the behaviour of companies like this will be impossible forever. One where it is the users, not the kings, who have sovereign control over their data." - Richard Hendricks, in the HBO TV Series "Silicon Valley", portrayed by Thomas Middleditch
Read moreCyber_Bytes - Issue 47
Welcome to Cyber_Bytes, our regular round-up of key developments in cyber, tech and evolving risks.
Read moreRPC Law x Web3: Considerations for NFT Founders Building Communities and Providing Utility to Holders
In the past when one purchased an NFT, the only expectation was that he, she, or they was purchasing rights in an asset (usually a digital artwork).
Read moreRecent developments in data subject litigation caselaw
Two interesting recent developments in the case law relating to data subject litigation. These further undermine the viability of low-value claims for personal data breaches for claimant law firms.
Read moreRPC Law x Web3: Ownership of Digital Assets in Web3
This is the inaugural part of a series of articles relating to legal issues around Web3. Over the course of the next few months, will hope to provide you with some thoughts and insights on the areas of Web3 where potential legal issues may arise based on current laws.
Read moreSingapore data protection update
New guidance from the Court of Appeal for parties involved in an action against another individual for loss and damage suffered as a result of a contravention of the provisions of the PDPA.
Read moreCyber Incident Reporting Obligations for Hong Kong Licensed Financial Services Companies
The number of cyber-attacks is on the rise. In particular, financial services companies have been identified as key targets for threat actors in the Q2 of 2022.
Read moreChanges to data protection legislation in Asia – 2022 update (including Mainland China)
Looking back on the last 18 months, the data privacy laws of several Asian jurisdictions have been updated to incorporate stronger protections for individuals’ personal data. This article provides an update on a handful of jurisdictions in Asia and summarises some of those main changes, including the far-reaching implications of the new data protection law in Mainland China.
Read moreEDPB guidelines on personal data breach notifications
Last month, the EDPB published their "Guidelines on Examples regarding Personal Data Breach Notification" (the Guidelines). These are intended to provide "practice-oriented, case-based" guidance on when it is necessary to notify the relevant supervisory authorities (the SA) under Article 33(1) of the GDPR and/or data subjects under Article 34(1) of the GDPR following a personal data breach.
Read moreThe Supreme Court hands down judgment in Lloyd v Google
In a keenly anticipated judgment that has significant ramifications for UK data protection, the Supreme Court has today overturned the Court of Appeal's decision in Lloyd v Google and restored the original order made by the High Court, refusing the claimant's application for permission to serve proceedings on Google outside the jurisdiction.
Read moreCase comment: striking out of privacy and confidence actions in the Dixons data breach case
The number of claims issued in the High Court (Media and Communications List) with a data protection element continues to increase. The rise in claim numbers can be attributed to a number of factors including: (i) individuals becoming more aware of their rights under data protection legislation, (ii) uncertainty as to whether individuals may recover damages for a loss of control of their personal data without proving material damage or distress; (iii) the abundance of specialist law firms who are prepared to act for individuals on a "no-win-no-fee" basis and (iv) the availability of After the Event ("ATE") insurance to protect a would-be claimant against adverse costs orders.
Read moreUpcoming changes to data protection legislation in Asia
The data privacy landscape in Asia is varied, complex and evolving. We are already seeing the wheels of change in motion as the data privacy laws of several Asian jurisdictions are being updated to reflect more closely the European data protection regime. This article summarises some of those changes.
Read moreSchrems II – Groundhog Day for Data Transfers
On Thursday 16 July, the Court of Justice of the European Union (“CJEU”) delivered its judgment in one of the most highly anticipated court cases in data protection, Case C-311/18 Data Protection Commissioner v Facebook Ireland Limited, Maximillian Schrems (widely referred to as “Schrems II”). This decision came almost 8 months after Advocate General Saugmandsgaard Øe published his Opinion, which albeit not binding, provided a strong indication for the CJEU's judgment.
Read moreRestarting your business and implementing Government guidance to support NHS Test and Trace
In its latest guidance on keeping workers and customers safe during COVID-19 in restaurants, pubs, bars and takeaway services (23 June 2020), the Government has recommended that businesses operating in these sectors keep a temporary record of customers and visitors for 21 days. This will assist NHS Test and Trace with requests for that data if needed.
Read moreCybersecurity and COVID-19: Opportunities for change in the face of challenge
COVID-19 is not the first and will not be the last pandemic, but it is the first one that has brought the importance of cyber resilience and adaptability in the era of global trade to the forefront of many businesses' minds.
Read moreAre you compliant with the new rules in Singapore? Asia? Beyond?
With the implementation of the GDPR in Europe (2018) and the rise of serious cyber-attacks in Asia, many APAC countries are making major changes to their data privacy laws. Navigating the various regulatory regimes can be complex particularly for companies doing business across the region and beyond.
Read moreNo Deal Brexit – implications for data and privacy law compliance
The Brexit rollercoaster ride continues. At the time of writing, the UK and EU have just announced the agreement of a new withdrawal deal but there are serious doubts about whether it will be backed by Parliament. Despite the requirements of the Benn Act, the risk of the UK leaving the EU without a deal continues to be a concern.
Read moreBrexit does not spell the end of the GDPR
The General Data Protection Regulation (the GDPR) is due to become law on 25 May 2018. As this will be before “Brexit” (Britain’s exit from the EU) takes effect, the GDPR will apply in the UK from that date.
Read moreApps: regulators globally push for data transparency
“Not in front of the telly: Warning over ‘listening’ TV”.
Read moreWhat does a new Labour government mean for the management liability market?
We have a new government and the first Labour government for 14 years. What does it mean for the management liability market? We look at what Labour has promised and with that the areas those in the market will want to consider across directors and officers, employment liability and pensions.
Read moreFCA announces thematic review of retirement income advice
The pension freedom reforms changed the way consumers access their retirement funds. This FCA thematic review will put firms under the spotlight with a focus on how the retirement income advice market is functioning in response to changing consumer needs in the current economic downturn.
Read moreFCA responds to criticism of the Public Accounts Committee when it comes to BSPS with rejection of suggestion it should reconsider a wider defined benefit transfer review
In a July blog I reported on the House of Commons Public Accounts Committee report entitled "Investigation into the British Steele Pension Scheme". The blog set out a number of recommendations of the Committee in light of its investigations into the FCA's conduct and regulatory oversight of BSPS and, in particular, the 7,834 members that transferred out of BSPS into a personal pension scheme. We have now had a sneak preview of the FCA's response in the recent Committee minutes. Here's what the FCA had to say.
Read moreFCA Review of AML failings at challenger banks
Throughout 2021, the FCA conducted a detailed review into the financial crime controls of challenger banks as they continued to enter the UK financial industry at a rapid pace. Their surge in popularity is partially linked to the Covid-19 pandemic, which has prompted significant changes in the habits of service providers worldwide. Whilst the FCA's review indicated some evidence of good practice, it is clear that challenger banks must do more to reduce the significant risks of financial crime occurring both at the time of customer onboarding and throughout the subsequent customer journey.
Read moreFCA consults on British Steel redress scheme
The FCA intends to open consultation on an industry wide redress scheme covering British Steel Pension transfers. This is perhaps the only option left for the regulator, but a redress scheme will heap further pressure on an area of the advice industry that is already under fire.
Read moreFCA looks to tighten up appointed representative regime
On Friday the FCA published a consultation paper on potential changes to the existing appointed representative (AR) regime.
Read moreFOS proposals to clear the back-log - attractive or not?
The Financial Ombudsman Service (FOS) has proposed a temporary approach to the classification of certain complaints in an attempt to alleviate their complaints backlog exacerbated during the COVID-19 pandemic. The approach could see firms looking to pro-actively resolve complaints before a defined cut off date before FOS reaches a decision so that the complaint is recorded separately and not as a "change in outcome" (i.e. where a complaint has been rejected by a business and upheld by FOS). The consultation was open for a short two-week period between 4 and 18 October 2021.
Read moreFCA set to expand climate-related reporting rules
The FCA has revealed it will consult on plans to require asset managers, life insurers and FCA-regulated pension schemes to meet climate-related disclosure rules. In doing so, the FCA is expanding the scope of firms required to report on climate-related risks in accordance with the recommendations of the Task Force on Climate-related Financial Disclosure (TCFD).
Read morePure Legal interest only mortgage claim – judgment in favour of the mortgage broker on limitation grounds as judge finds the damage was patent not latent
The first judgment following trial in a Pure Legal interest only mortgage claim has now been handed down, with the judge dismissing the claim on the basis that it was out of time, with the claimants having all requisite knowledge of the material facts of the damage from the outset of taking out the interest only mortgage. The judge also found the advice was not negligent.
Read moreWhen is a complaint a complaint under DISP?
A Court of Appeal judgment has recently addressed what constitutes a complaint for the purposes of DISP [Clive Davis v Lloyds Bank [2021] EWCA Civ 557]. It is important to identify when a complaint is made as a regulated firm for two primary reasons: first, a complaint triggers the dispute resolution procedure under DISP of the FCA's Handbook and second, it stops time running for the purposes of time bar when it comes to a complaint to FOS.
Read moreAdditions to FCA DB Transfer Guidance Published
The FCA have published finalised guidance regarding defined benefit pension transfers. The latest publication amends and adds to the draft published in June 2020.
Read moreFCA publishes finalised guidance for firms on the fair treatment of vulnerable customers
In February 2021, the FCA published guidance on the fair treatment of vulnerable customers with the aim of improving their customer experience.
Read moreFOS and the Adams v Carey decision – where are we as the Court of Appeal hearing starts?
Read moreCalls for increased regulation following rise in FSCS bills
The FSCS levy for the 2020/2021 was released earlier this year, causing frustration amongst many advisors in the sector. That frustration continues, with the FSCS making large compensation payments in respect of defined benefit (DB) transfers where many question the lack of earlier FCA intervention, which might have alleviated the problems in this area.
Read moreFCA appoints new CEO
The Financial Conduct Authority (FCA) has appointed Nikhil Rathi, the UK head of the London Stock Exchange, as its new permanent chief executive, making him the first BAME leader of the UK's city regulator.
Read moreStay connected and subscribe to our latest insights and views
Subscribe Here