2023 will bring with it updates and reforms in relation to data protection and cybersecurity in the UK. The proposed changes are expected to place tighter restrictions on digital content; increase protection around the internet of things and connected products; and, to the delight of some, lighten compliance burdens with respect to personal data. A few highlights to watch out for are set out below:
Continue Reading Incoming Privacy and Cybersecurity Developments in the UK
Security may not be the first word that comes to mind when thinking about GDPR and UK GDPR compliance, but recent matters indicate it should certainly be near the top of any compliance checklist.
Security of personal data is fundamental to every organization, and its significance scales depending on the type of data processing that takes place. Of the penalties issued for data protection infractions across the EU and UK in 2022 so far, over 70 include security, which is almost 20% of the total fines issued. Specifically, these fines were issued due to a breach of Article 32 of the GDPR/UK GDPR: failing to have appropriate technical and organizational measures in place to protect personal data. A breach of Article 32 of the GDPR or UK GDPR technically only attracts the “standard maximum” fine of €10/£8.7 million or 2% of global annual turnover, however the offence is often coupled with other transgressions, which has led to fines over €20 million.
Continue Reading Data Protection: The Increasing GDPR/ UK GDPR Focus on Security