Region: United Kingdom

UK financial watchdog fines Tesco Bank £16.4 million

The UK’s Financial Conduct Authority has ordered Tesco Bank to pay £16.4 million (€18.4 million) following a “largely avoidable” 2016 hack.

02 October 2018

AggregateIQ challenges ICO jurisdiction

GDR can reveal that AggregateIQ, the target of the UK’s first known enforcement decision under its GDPR framework, claims that the Information Commissioner's Office lacks jurisdiction over the Canadian company and is unlawfully trying to retroactively apply its new powers.

01 October 2018

Regulate AI output rather than process, says lawyer

Regulation should address the potentially harmful results of AI, rather than the process through which it reaches those results, a barrister has said.

01 October 2018

UK health insurer fined over security failures

The UK Information Commissioner’s Office has fined healthcare insurer Bupa £175,000 for failing to have effective security measures in place to protect customers’ personal information.

28 September 2018

UK could lose out on database rights, government warns

A no-deal Brexit could see database rights become unenforceable for UK rights holders, the UK’s government has said.

28 September 2018

Ad tech industry struggling with privacy rules, say lawyers

The digital advertising industry is struggling to establish clear legal grounds for processing under the GDPR, ahead of changes to the EU ePrivacy regulations that are set to affect the industry yet further, lawyers have said.

28 September 2018

English court orders hackers to pay $8 million

An English judge has told multiple defendants to return funds diverted from a mining company, months after he ordered England’s first-ever worldwide freezing injunction against persons unknown.

21 September 2018

Equifax ordered to pay maximum UK fine

The UK’s data protection watchdog has ordered credit reporting agency Equifax to pay the maximum fine available under the country’s pre-GDPR framework, slamming the company’s “systemic” security failures that included a UK-US data processing agreement which contained inadequate safeguards.

20 September 2018

Multiple data protection authorities may have stake in enforcement action, regulators say

The location of data processing and level of a country’s citizens’ concern play a larger role in determining lead supervisory authorities than the location of company headquarters, regulators have said.

19 September 2018

Cambridge Analytica lawyers’ withdrawal postponed as liquidation reps appointed

Lawyers trying to exit the US bankruptcy proceedings of Cambridge Analytica as no-one is left at the company to instruct them have been told they need to wait until a court-appointed trustee selects a corporate representative to assist him with the company’s liquidation.

18 September 2018

Get unlimited access to all Global Data Review content