Included in this edition of data & privacy news: ICO publishes response to Government's announcement on extension for personal data flows; TikTok faces lawsuit and more...

ICO publishes response to Government's announcement on extension for personal data flows

The ICO has published a statement in response to the UK Government's announcement that the Treaty agreed with the EU will allow for an extended period for personal data flows enabling businesses and public bodies to continue to freely receive data from the EU (and EEA).

The ICO has recommended that businesses work with the EU and EEA organisations who transfer personal data to them during this period to put in place alternative transfer mechanisms to ensure that the free flow of personal data is uninterrupted.

Information Commissioner Elizabeth Denham has said the ICO will provide guidance on their website to "reflect the extended provisions and ensure businesses know what happens next". 

TikTok faces lawsuit for violating children's data privacy law in the UK

TikTok, a popular video sharing app, is facing a fresh legal challenge in the UK for violating children's privacy law. 

The lawsuit is being brought by a 12-year old girl in the UK with the support of England's children's commissioner Anne Longfield. The children's commissioner is hoping that the court will order TikTok to delete the child's data, as well as create stronger protections for users aged under 16. 

A preliminary hearing has already been held to grant anonymity to the child.

Institute and Faculty of Actuaries warns of cyber risk threat to pensions schemes  

The Institute and Faculty of Actuaries (IFoA) has warned of the "significant threat" that cyber risks pose to pensions schemes, advising trustees to assess their "personal cyber hygiene" to mitigate the risk of cyber attacks.

The IFoA warned that cyber risks could cripple administration, breach confidentiality of pension schemes and defraud employers.

Trustees should assess their passwords, ensure adequate virus and anti-malware protections are in place, assess their email security monitoring and consider whether the third-party has sufficient financial resources to deal with costs in case a cyber attack does occur. 

High Court rules on use of thematic warrants for equipment interference

The High Court has ruled that it was unlawful for GCHQ and MI5 to use thematic warrants issued under Section 5 of the Intelligence Services Act for equipment interference. 

Privacy International, a UK-based charity, has been challenging the legality of these warrants for the past 5 years. 

All targets for equipment interference (otherwise known as hacking) will now have to be scrutinised by a secretary of state, rather than being left to the discretion of intelligence agencies. 

Key Contacts

Ross McKenzie

Ross McKenzie

Partner, Commercial & Data Protection
Aberdeen, UK

View profile
Helena Brown

Helena Brown

Partner, Commercial and Data Protection & Head of Data
Edinburgh, UK

View profile
Dr. Nathalie Moreno

Dr. Nathalie Moreno

Partner, Commercial and Data Protection
London

View profile

Subscribe to updates

Get our latest updates delivered to your inbox

Related News

All News
Abstract Mergers Acquisitions 21 Dec 23

Addleshaw Goddard LLP, legal counsel to ETC Holdings, on its acquisition of Shanta Gold Limited
Abstract - Stairs - New Service 9 Mar 21

AG Supports the Creation of a Ground-Breaking New Dispute Resolution Service
26 Feb 18

Addleshaw Goddard adds fire power to Data offering with the hire of leading expert in Scotland

Related Insights

All Insights
Data Protection - March 2024 - Infographic Teaser 26 Mar 24

Data Diaries - March 2024
Technology 15 Mar 24

The Saudi National Cybersecurity Authority Publishes New Regime for the Regulation of Cybersecurity Service Providers
Data - wire 12 Mar 24

The executive regulations to the Oman personal data protection law - What you should know

Read articles and register for events & webinars via LinkedIn

Follow AG Insight on LinkedIn