Articles Posted in Data Protection

Posted
By , and

The Data (Use and Access) Bill (DUA Bill) represents the most recent effort to reform the UK’s data protection landscape, introducing changes aimed at simplifying compliance and enhancing regulatory flexibility. The DUA Bill has three stated core objectives: (i) improving public services, (ii) growing the economy, and (iii) making people’s lives easier. The DUA Bill retains some content from the previous Data Protection and Digital Information Bills proposed by the previous Conservative government(s) (DPDI), though some of the more controversial elements have been dropped.

Continue reading

Posted
By , and

In light of the increasing organizational use of and reliance on software and the concerns raised regarding the malicious use of the same, the UK Government has published a response to its call for views on software resilience and security for businesses and organizations. (See here for details of the call for views.) The UK Government has unveiled an ambitious plan to enhance software security practices in the UK by proposing baseline security expectations for software vendors in an effort to seek more transparency and consistency for customers.

Continue reading

Posted
By , , and

The UK and U.S. Governments have now formalized the UK-U.S. Data Bridge. The U.S. Attorney General designated the UK as a “qualifying state” for the purposes of the Executive Order 14086 on September 18, 2023, and the UK regulations implementing the Data Bridge are scheduled to take effect on October 12, 2023. From October 12, 2023, the Data Bridge will therefore operate as an extension of the EU-U.S. Data Privacy Framework (DPF) to enable the unrestricted movement of personal data between the UK and certified U.S. entities. For more information about the DPF, see our earlier briefing here.

Continue reading