The Principles for Securing Personal Data in Government Services, developed by the Office of the Chief Digital Officer (OCDO), aim to support the government’s push for more joined-up public services.

A report of employee data controversy, employee grievance cases, and regulatory complaints frequently start with one question: Which information do you have on me? The UK General Data ...

The Data Protection Act (DPA) 2018 is the UK’s data protection law. It brings the EU’s General Data Protection Regulation (GDPR) into the UK’s legal system and defines how personal data should be ...

Most people associate data protection with legislation, most recently the Data Protection Act 1998 and the General Data Protection Regulation 2016 (GDPR). However, it should be appreciated that this ...

The General Data Protection Regulation (GDPR) came into force on 25 May 2018. This wide-ranging piece of legislation governs data protection requirements for any entity managing personal data across ...

In a significant move positioning the UK at the forefront of responsible AI adoption, the government has introduced what it calls a “world first” AI-focused cyber security code of practice. Released ...

On May 14, 2025, the European Data Protection Board ("EDPB") issued a favorable opinion on granting a six-month extension to the existing adequacy decisions for the UK, following a formal proposal ...

GDPR outlines six principles that organizations need to abide by. These principles aren't new - they were already outlined in the 1995 directive, but GDPR has revised them slightly. We delve into each ...

The UK’s Information Commissioner's Office is about to ditch single-leader model for CEO and board in a major shake-up ...

The British Virgin Islands ("BVI") Data Protection Act, 2021 ("DPA") came into force on 9 July 2021. It was introduced so the BVI would have a data protection framework which is broadly similar to EU ...