Issues in the UK’s forthcoming Digital Markets, Competition and Consumer Bill

On 6 May 2022 the Government confirmed its approach to strengthen digital competition regulation in the UK.[1] The UK is now on the verge of publishing the Digital Markets, Competition and Consumer Bill (the “Bill”) which will be broadly aligned with the EU’s Digital Markets Act (“DMA”). However, will the Bill be fit for purpose?…

Details

EDPB’s Feedback on the New EU-U.S. Data Privacy Framework

Background As previously reported, on 13 December 2022, the European Commission published its draft adequacy decision for the EU-U.S. Data Privacy Framework (the “Framework”). The Framework only applies is only applicable to U.S. organisations which have self-certified. Two months later, on 28 February 2023, the European Data Protection Board (“EDPB”) adopted its opinion on the…

Details

DCMS Publishes New Security and Privacy Principles for App Store Operators and Developers

The Department for Digital, Culture, Media, and Sport (“DCMS”) recently published a new ‘Code of Practice for App Store Operators and Developers’ (“Code”), following calls to improve app security and privacy for users. The new Code of Practice sets out eight key principles for stakeholders in the digital app space. The stakeholders who shall adhere…

Details

DPO’s Dismissal & Conflicts of Interest Under The EU GDPR – CJEU Ruling

On 9 February 2023, the Court of Justice of the EU (“CJEU”) issued a preliminary ruling in the case C-453/21, following two important questions submitted by a German Federal Labor Court, regarding: Whether Article 38(3) of the GDPR precludes national legislation from introducing certain requirements for the dismissal of the DPO? What circumstances constitute a…

Details

ICO – Change of Deadline for Reporting Breach Notifications for Communication Service Providers

On 20 January 2023 the UK’s Information Commissioner’s Office (“ICO”) published a statement regarding the obligations then in place for public electronic communications service providers (“CSPs”) under Regulation 5A of the Privacy and Electronic Communications Regulations 2003 (“PECR”). The statement proposed the termination of the 24-hour data breach regime (which required CSPs to notify the…

Details

Ofcom Launches Investigation into BT Following Suspected Breaches of Consumer Protections Post Implementation of EECC

Following full implementation of the European Electronic Communications Code (EECC), Ofcom introduced new contract requirements with an aim to protect consumers and end-users.  These include ensuring that contracts for public electronic communications services include key information about the services they are receiving and that such information is provided to them in a one-page summary before…

Details