• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to secondary sidebar

Alston & Bird Privacy, Cyber & Data Strategy Blog

  • Home
  • Services
  • Events
  • Contacts

GDPR

UK Data Protection Regulator Fines UK Law Firm ~$80,000 Following Ransomware Incident

May 6, 2025 By Hanna Hewitt and Kelly Hagedorn

On April 14, 2025, the UK data protection regulator (the Information Commissioner’s Office (“ICO”)) fined DPP Law (“DPP”) £60,000 (approximately $80,000) following a ransomware incident. In its penalty notice, the ICO found that DPP failed to implement appropriate technical and organisational measures, as required by Article 5(1)(f) and Article 32 UK GDPR. This is the […]

Filed Under: Cybersecurity, Data Breach, GDPR, UK Tagged With: Cybersecurity, Data breach, Regulatory Enforcement, UK GDPR

Belgian Data Protection Authority Issues Updated Guidance on Direct Marketing Rules

March 20, 2025 By Alice Portnoy and Wim Nauwelaerts

On March 10, 2025, the Belgian Data Protection Authority (BDPA) updated its 2020 guidance on the processing of personal data for direct marketing purposes (see the updated guidance here in French and in Dutch). The BDPA reviewed its original guidance to help companies from all sectors navigate applicable EU privacy and data protection law requirements […]

Filed Under: Data Protection, Direct Marketing, ePrivacy, GDPR, Online Privacy Tagged With: Accountability, Marketing, Transparency

Belgian Data Protection Authority Publishes Guidance on the Interplay between the GDPR and the AI Act

September 25, 2024 By Wim Nauwelaerts and Alice Portnoy

On 19 September 2024, the Belgian Data Protection Authority (DPA) issued new Guidance on the interplay between the recently adopted EU Regulation on Artificial Intelligence (the AI Act) and the General Data Protection Regulation (the GDPR), which aims to provide further insight into the use of artificial intelligence (AI) systems that process personal data. The […]

Filed Under: AI, Artificial Intelligence, Belgium, GDPR

CBDF Research Fellow Theodore Christakis Publishes Study on Cross-Border Data Transfers and the EU’s “Zero Risk” Approach

February 20, 2024 By Peter Swire, Alice Portnoy and David Keating

Theodore Christakis, Professor of International Law at the University Grenoble Alpes and Senior Fellow and Director of Research for Europe at the Cross-Border Data Forum, has published a new comprehensive analysis on cross-border transfers of personal data and the EU’s data protection authorities’ “Zero Risk” theory developed since the CJEU Schrems II Judgment. Prof. Christakis looks […]

Filed Under: GDPR, Government Access to Data, Transfers

Are You Using EU Standard Contractual Clauses for Data Transfers? Be Aware of these Breach Notification Requirements

January 8, 2024 By Wim Nauwelaerts

It has become common knowledge that the General Data Protection Regulation (2016/679) (GDPR) heavily restricts transfers of personal data outside of the European Union (EU). In the absence of an adequacy decision by the European Commission, the GDPR allows controllers and processors to transfer personal data to a third country outside of the EU only […]

Filed Under: Data Breach, GDPR, International, Standard Contractual Clauses Tagged With: Data Breach Notification, European Union (EU), International Data Transfers

  • Page 1
  • Page 2
  • Page 3
  • Interim pages omitted …
  • Page 20
  • Go to Next Page »

Primary Sidebar

This blog is a service of Alston & Bird’s Privacy, Cyber & Data Strategy team and focuses on key data privacy and data security issues.


Receive email notifications when new posts are added.

Receive email notifications when new posts are added.


RANSOMWARE FUSION CENTER
Click here to request access

THE DIGITAL DOWNLOAD
Click here to see the editions

PRIVACY & CYBER EVENTS
Click here to see upcoming and past events

PRIVACY & CYBER MAILINGS
Click here to sign up

@ALSTONPRIVACY
Click here to follow us on Twitter

Secondary Sidebar

Categories

Recent Posts

  • CISA Issues Enhanced Guidance to Mitigate Cyber Threats to Operational Technology Systems
  • CPPA Issues Revised Draft CCPA Regulations; Votes to Initiate Public Comment Period
  • UK Data Protection Regulator Fines UK Law Firm ~$80,000 Following Ransomware Incident
  • DOJ Settles False Claims Act Case with MORSECORP Over Cybersecurity Program
  • Additional Cybersecurity Requirements of NYDFS Part 500 Take Effect Today
Copyright © 2025 · Alston & Bird · All Rights Reserved. Privacy.
This website uses cookies to improve functionality and performance. By continuing to browse this site, you are consenting to the use of cookies on this website. OkCookie policy