UK

UK: NCSC issue guidance on how to communicate effectively in a cyber incident

By James McGachie & Morven Henderson on October 22, 2024

Planning and developing an effective communications strategy is a critical step in preparing for a cyber security incident. Last week, the UK’s National Cyber Security Centre published guidance on communicating with stakeholders before, during and after a cyber security incident. The guidance is published with organisations of all sizes in mind, and sets out three…

UK: The UK Cybersecurity and Resilience Bill – a different approach to NIS2 or a British sister act?

By Nicholas De Lacy-Brown, Henry Kilding, James McGachie & Rachel de Souza on October 1, 2024

Posted in Cyber security, Digital Decade, EU data governance, EU privacy, New laws, Privacy Law, UK

In the much anticipated first King’s Speech of the new Labour Government on 17 July 2024, the monarch announced that the long anticipated Cybersecurity and Resilience Bill (CS&R Bill) would be amongst those new laws making their way onto Parliament’s schedule for the next year. Six years on from the implementation of the …

UK: Data protection authority issues reprimand to gambling operator for unlawfully processing personal data

By David Cook, Benjamin Fellows, Mateusz Wojcik & Shervin Nahid on September 25, 2024

Posted in Adtech, Cookies, Enforcement, UK

On 16 September 2024, the UK’s data protection authority, the Information Commissioner’s Office (ICO), issued a reprimand against Sky Betting and Gaming (SkyBet) for unlawfully processing people’s data through advertising cookies without their consent.

Between 10 January and 3 March 2023, SkyBet’s website dropped third-party AdTech cookies to visitors’ browsers before…

EU/UK: Data-Sharing Frameworks – A State of Play in the EU and the UK

By Heidi Waem, Simon Verschaeve, Muhammed Demircan, James Clark & Laura Dobson on June 6, 2024

Posted in Data Sharing, Digital transformation, EU Commission, EU data governance, EU privacy, New laws, UK

Disclaimer: This article first appeared in the June 2024 issue of PLC Magazine, and is available at http://uk.practicallaw.com/resources/uk-publications/plc-magazine.

In order to capture the benefits of data-driven innovation, the EU and the UK are taking action to facilitate data sharing across various industries.

In the EU, the European Commission is investing €2…

UK: New cyber security requirements for consumer products

By James Clark on May 1, 2024

Posted in Cyber security, UK

On Monday 29 April, new cyber security requirements entered into force in the United Kingdom. They apply to connected products sold to consumers and place obligations on the manufacturers, importers and distributors of those products.

Background

The Product Security and Telecommunications Infrastructure (Security Requirements for Relevant Connectable Products) Regulations 2023 (Regulations) are the…