Irish Data Protection Watchdog fines TikTok €345 million for breaking EU data law on children’s accounts

In a significant development concerning data privacy and protection, Ireland’s Data Protection Commission’s (“DPC”) final decision imposes a fine of €345 million on the popular social media platform, TikTok, for violating children’s privacy in 2020. The scale of the fine is an indication of how seriously the DPC addresses the misuse of children’s personal data…

Navigating Health Data Compliance: A Roadmap for Employers

The ICO has released an extensive guide clarifying employers’ responsibilities regarding the processing of their employees’ health data. This guidance comes as a result of the ICO’s analysis of feedback received during a consultation on an earlier version of the document. Health data, considered a special category of personal data, enjoys heightened protection under the…

Transatlantic convergence? Recent cases on advertising and privacy from the USA and UK

The US Federal Trade Commission’s (FTC) suit against Kochava Inc, a prominent data aggregator and analytics company, faced a recent setback when the Idaho District Court granted Kochava’s motion to dismiss the FTC’s claim.[1] The FTC alleged that Kochava’s sale of geolocation data taken from mobile devices could enable third parties to uncover sensitive, personal…

Virgin succeeded in defending a claim by EE for loss of EE’s profits caused by Virgin’s breach of the MVNO Exclusivity Clause

A summary judgment against EE in its claim versus Virgin Mobile has significant implications for any companies bound by exclusivity provisions in English law governed contracts, which also contain exclusions of liability. In terms of the telecoms mobile sector, this could have major implications for MVNOs bound by exclusivity under any English governed MVNO agreement…

Getting out of a (data) scrape: global statement published for the protection of publicly accessible personal data online

On 24 August 2023, in conjunction with data protection authorities in eleven other countries, the UK’s Information Commissioner’s Office (“ICO”) published a joint statement regarding data scraping and the protection of privacy. Data scraping refers to an automated means of extracting data from the web. While not in itself illegal, data protection authorities have reported…