• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to secondary sidebar

Alston & Bird Privacy, Cyber & Data Strategy Blog

  • Home
  • Services
  • Events
  • Contacts

GDPR

UK Data Protection Regulator Fines Capita ~$18.8 Million Following a Ransomware Attack

October 20, 2025 By Hanna Hewitt and Kelly Hagedorn

On October 15, 2025, the UK’s Information Commissioner’s Office (ICO) fined Capita plc and Capita Pension Solutions Limited (collectively “Capita”) £14 million (~$18.8 million) for failing to implement adequate security measures to protect the personal data of over ~6.6 million individuals following a ransomware attack by Black Basta. The ICO’s penalty notice is available here. […]

Filed Under: Data Breach, Enforcement, GDPR, Security Breach, UK Tagged With: Cybersecurity, Cybersecurity Incidents, Enforcement Action, ICO, UK, UK Cybersecurity, UK GDPR

EU-wide Breach Notification Template On The Horizon

July 24, 2025 By Hanna Hewitt, Wim Nauwelaerts and Alice Portnoy

                  Following their recent meeting in Finland, the EU Data Protection Authorities acting through the European Data Protection Board (EDPB) announced their intention to release new tools and an EU-wide data breach notification template to help companies comply with the requirements of the EU General Data Protection […]

Filed Under: Data Breach, EDPB, EU, GDPR Tagged With: Cyber, Data breach, Data Breach Notifi, EDPB, European Union (EU), GDPR

UK Data Protection Regulator Fines UK Law Firm ~$80,000 Following Ransomware Incident

May 6, 2025 By Hanna Hewitt and Kelly Hagedorn

On April 14, 2025, the UK data protection regulator (the Information Commissioner’s Office (“ICO”)) fined DPP Law (“DPP”) £60,000 (approximately $80,000) following a ransomware incident. In its penalty notice, the ICO found that DPP failed to implement appropriate technical and organisational measures, as required by Article 5(1)(f) and Article 32 UK GDPR. This is the […]

Filed Under: Cybersecurity, Data Breach, GDPR, UK Tagged With: Cybersecurity, Data breach, Regulatory Enforcement, UK GDPR

Belgian Data Protection Authority Issues Updated Guidance on Direct Marketing Rules

March 20, 2025 By Alice Portnoy and Wim Nauwelaerts

On March 10, 2025, the Belgian Data Protection Authority (BDPA) updated its 2020 guidance on the processing of personal data for direct marketing purposes (see the updated guidance here in French and in Dutch). The BDPA reviewed its original guidance to help companies from all sectors navigate applicable EU privacy and data protection law requirements […]

Filed Under: Data Protection, Direct Marketing, ePrivacy, GDPR, Online Privacy Tagged With: Accountability, Marketing, Transparency

Belgian Data Protection Authority Publishes Guidance on the Interplay between the GDPR and the AI Act

September 25, 2024 By Wim Nauwelaerts and Alice Portnoy

On 19 September 2024, the Belgian Data Protection Authority (DPA) issued new Guidance on the interplay between the recently adopted EU Regulation on Artificial Intelligence (the AI Act) and the General Data Protection Regulation (the GDPR), which aims to provide further insight into the use of artificial intelligence (AI) systems that process personal data. The […]

Filed Under: AI, Artificial Intelligence, Belgium, GDPR

  • Page 1
  • Page 2
  • Page 3
  • Interim pages omitted …
  • Page 20
  • Go to Next Page »

Primary Sidebar

This blog is a service of Alston & Bird’s Privacy, Cyber & Data Strategy team and focuses on key data privacy and data security issues.


Receive email notifications when new posts are added.

Receive email notifications when new posts are added.


RANSOMWARE FUSION CENTER
Click here to request access

THE DIGITAL DOWNLOAD
Click here to see the editions

PRIVACY & CYBER EVENTS
Click here to see upcoming and past events

PRIVACY & CYBER MAILINGS
Click here to sign up


Secondary Sidebar

Categories

Recent Posts

  • UK Data Protection Regulator Fines Capita ~$18.8 Million Following a Ransomware Attack
  • FTC Cracks Down on Messaging App Operator on Child Data Exploitation
  • Unlocking the MIND Act: The Senate To Take on the Challenge of Neurotechnology
  • California Finalizes New and Amended CCPA Regulations
  • The EU Data Act Comes Into Force
Copyright © 2025 · Alston & Bird · All Rights Reserved. Privacy.
This website uses cookies to improve functionality and performance. By continuing to browse this site, you are consenting to the use of cookies on this website.