What Does Age Verification for 18+ Content Mean for Data Protection in the UK?  The UK is introducing mandatory age verification for accessing 18+ online content, including pornography, gambling and other age-restricted services. This change is designed to protect children, but it raises important questions for the data protection community. Are these measures safeguarding users…

Are You Ready for a GDPR Audit? Most organisations believe their data protection practices are solid, until they take a closer look. A GDPR audit gives you the chance to step back and properly assess how your organisation handles personal data. It’s not just about compliance. It’s about building confidence that your systems, policies and…

SAR Support During the Summer Holidays: Why Organisations Struggle and How to Stay Compliant Every year, as summer arrives and schools break up for the six-week holiday, many organisations begin to feel the pressure. But it’s not just the heat or the juggling of annual leave rotas that causes challenges. For data protection teams across…

Privacy and Electronic Communications Regulations (PECR) – Masterclass Join Data Protection People for an essential full-day masterclass focused on the Privacy and Electronic Communications Regulations (PECR) and how they interact with UK GDPR. This online session is tailored to help professionals understand how to manage electronic communications lawfully, meet consent requirements, and ensure cookie compliance…

Online Safety Act Enforcement: Immediate Action Required for UK Businesses July 2025 marks a critical turning point in the UK’s Online Safety Act (OSA) implementation. After extensive preparation, Ofcom has now commenced active enforcement of key provisions, issuing deadlines that demand immediate attention from businesses providing online services with a significant UK user base or…

The MoD’s Data Breach: What You Need to Know A major data breach by the Ministry of Defence (MoD) has come to light, putting thousands of lives at risk and costing the UK government hundreds of millions of pounds. The details were kept under wraps by a super injunction until now. Here’s what happened, why…

The UK GDPR mentions “appropriate technical and organisational measures” almost 100 times. What this means and covers, however, is not exactly clear. This law consists of two key aspects: data security and protection. Data protection focuses on the legality of processing and collecting personal data. Data security, on the other hand, examines the security measures…

12,194. That’s the number of data breaches that were reported to the ICO in 2024. Even worse, these incidents don’t reflect the number of data subjects affected. A single breach could have a widespread impact on hundreds of thousands of individuals. Data breaches happen when data controllers and processors don’t have the “appropriate technical and…