Key topics - Osborne Clarke

GDPR

The General Data Protection Regulation (GDPR) took effect across the EU on 25 May 2018. The GDPR constitutes the biggest change to the data protection regime in the EU since the 1995 Data Protection Directive. There are some significant changes that have the potential to have a profound impact on many organisations that collect and use information about individuals, even (in some cases) on organisations with no establishment in the EU but who collect and use personal data of EU based individuals.

The importance of preparing and ensuring compliance with the new law cannot be overstated, not least because of the huge fines of up to €20m or 4% of worldwide turnover that could be levied for breaches.

But there are also business benefits for those organisations that use the opportunity to adopt a fresh approach to data privacy and protection. Compliance with the GDPR is not just an additional burden – it is also a way to build and strengthen trust with customers and employees, enhance business reputation, grow the value of data assets and enhance risk mitigation.

Article list

Regulatory Outlook

Data Protection | UK Regulatory Outlook May 2023

EDPB publishes guide for small businesses | Italian Data Protection Authority un-bans ChatGPT | CJEU case on the right to...

25/05/2023

Regulatory Outlook

Data Protection | UK Regulatory Outlook May 2023

25/05/2023

Artificial Intelligence

How to assess UK data privacy risk in artificial intelligence use

What data protection issues should be considered when processing personal data for AI purposes?

22/05/2023

Employment and pensions

GDPR for HR | Data protection guidance on artificial intelligence

Welcome to this month's edition of our GDPR for HR newsletter, bringing you a snapshot of developments, cases and insights...

02/05/2023

Regulatory Outlook

Data protection | UK Regulatory Outlook April 2023

UK ICO issues guidance for developers and users of generative AI | MEPs raise concerns over proposed new EU-US adequacy...

27/04/2023

Employment and pensions

GDPR for HR Newsletter March 2023 | Data protection guidance on processing health data

Welcome to this month's snapshot of developments, cases and insights relating to privacy in the workplace

13/03/2023

Regulatory and compliance

UK government reignites data protection reform

Changes to existing privacy framework proposed in updated Data Protection and Digital Information Bill

09/03/2023

Employment and pensions

UK Employment Law Coffee Break: Employment trends webinar, menopause and GDPR for HR

Welcome to our latest Coffee Break in which we look at the legal and practical developments impacting UK employers

02/02/2023

IT and data

Biden paves way for EU-US Data Privacy Framework and UK-US adequacy agreement

Is post-Schrems II legal certainty on the horizon for transatlantic data processing?

18/10/2022

Employment and pensions

GDPR for HR | The gig economy, DSAR tips and data protection abroad

Welcome to this fourth edition of our GDPR for HR newsletter - bringing you a snapshot of developments, cases and...

03/10/2022

Employment and pensions

GDPR for HR | AI in recruitment, EU employee transparency legislation, data privacy legislation in the US and more

Welcome to this third edition of our GDPR for HR newsletter - bringing you a snapshot of developments, cases and...

05/09/2022

Regulatory and compliance

UK government formalises data protection reform following consultation

Changes to existing privacy framework proposed in Data Protection and Digital Information Bill

08/08/2022

IT and data

UK government proposes clamp down on use of data subject access requests as a litigation tactic

Consultation response suggests that an inappropriate 'purpose' for making a DSAR could soon be a reason to refuse to respond

05/08/2022

Employment and pensions

Employment Law Coffee Break | GDPR for HR, drafting employment contracts and a round-up of recent developments

Welcome to our latest Coffee Break in which we look at the latest legal and practical developments impacting UK employers.

04/08/2022

Employment and pensions

GDPR for HR | Accessing employees' non-work related emails, Brexit, DSARs and more

Welcome to the second edition of our GDPR for HR newsletter - bringing you a snapshot of developments, cases and...

02/08/2022

Data-driven business models

How to respond to a ransomware attack – an illustrative example

Cyber attacks have become a fact of life. They are a persistent and real risk for any business, with the...

14/06/2022

Read time 13m

Regulatory and compliance

Ten top tips for handling data subject access requests

Are you handling each DSAR you receive in a way that appropriately balances risk and cost?

23/05/2022

Regulatory and compliance

The Queen's Speech - Data Reform Bill announced

UK government heralds next step in process of diverging from EU data protection regime, but extent of divergence not yet...

13/05/2022

Read time 3m

Digitalisation

Sport looks to artificial intelligence to deliver competitive edge

As teams and coaches turn to AI data to enhance success, what are the legal challenges and what is on...

25/04/2022

IT and data

UK international data transfer agreements laid before Parliament

Businesses relieved of uncertainty regarding data transfers outside of the UK as the ICO signals that agreements are almost finalised

03/02/2022

Tech, Media and Comms

Legislators worldwide move to adopt regulation by design

A new form of regulation is emerging that will help keep pace with developments in artificial intelligence

24/01/2022

GDPR

New guidance emerging on cross-border data transfers: an overview

Businesses wondering what they need to do to ensure their cross-border data transfers remain compliant will welcome new European-level guidance...

17/11/2020

GDPR

New guidance emerging on cross-border data transfers: what does this mean for businesses?

17/11/2020

IT and data

ICO signals its intentions on cyber security: large companies need to lead by example

The ICO has issued DSG Retail Limited, the owner of Currys PC World and Dixons Travel stores, with a sizeable...

17/01/2020

IT and data

The e-Privacy Regulation: latest delays leave important questions unanswered

03/12/2019

Workforce Solutions

What are the key Digital Transformation issues for Recruitment and Workforce Solutions companies?

26/09/2019

Brexit

Data protection and privacy: are you Brexit-ready for any outcome?

05/09/2019

Retail and Consumer

Doing retail in Europe | Some recent legal challenges in the market

30/08/2019

GDPR

Learning from the British Airways and Marriott International fines: What organisational measures should companies be implementing?

29/08/2019

GDPR

Learning from the British Airways and Marriott International fines: What does the GDPR standard of "Appropriate Technical and Organisational Measures" actually mean?

29/08/2019

IT and data

Privacy, piracy and protectionist agendas | Barriers to enabling digital trade in a 4.0 world

Industrial revolution has always gone hand-in-hand with international trade, and the barriers that can create. So, it is no surprise...

28/08/2019

GDPR

GDPR one year on | What have we learned and what's next for data protection?

At a recent series of events, we shared learnings from the UK and beyond, one year on from the implementation...

15/07/2019

IT and data

Another day, another huge fine: Marriott International announces ICO's intent to fine it £99.3m for data breach

10/07/2019

IT and data

British Airways facing fine of £183.39m as ICO plans to issue its first GDPR monetary penalty

08/07/2019

GDPR

One year on: GDPR for EU HR

The first year of the GDPR has kept HR teams busy. From HR data mapping and audits, contract of employment...

24/05/2019

GDPR

GDPR nine months on | What should you be thinking about now?

25/02/2019

IT and data

Threat information sharing and GDPR | A lawful activity that protects personal data

02/01/2019

Blockchain

Blockchain and GDPR: beyond the right to be forgotten

In September 2018, the French data protection authority (CNIL) issued a report considering Blockchain technology from a personal data protection...

26/11/2018

IT and data

New Deal for Consumers: European Data Protection Supervisor concerned reforms could undermine GDPR

In an Opinion published on 5 October 2018, the European Data Protection Supervisor has raised concerns and made some significant...

07/11/2018

GDPR

Criminal convictions checks under the GDPR

Following the implementation of the EU General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018 (DPA), UK...

10/09/2018

GDPR

100 days of GDPR | Session 5: Security and data incidents

With increased fines for data breaches under GDPR, how have companies responded to potential data security issues?

07/09/2018

GDPR

100 days of GDPR | Session 4: HR risk

Consent, data and diversity - how has GDPR been applied in HR?

06/09/2018

GDPR

Data Protection Impact Assessments under GDPR

06/09/2018

GDPR

100 days of GDPR | Session 3: AI and a look into the future

05/09/2018

GDPR

Profiling and automated decision-making under GDPR

05/09/2018

GDPR

100 days of GDPR | Session 2: Data Protection Officers

04/09/2018

GDPR

Appointing a Data Protection Officer: has your business got its risk assessment right?

04/09/2018

GDPR

Lead supervisory authority: The one stop shop

03/09/2018

GDPR

100 days of GDPR | Session 1: What's actually changed?

03/09/2018

Dispute resolution

GDPR | The practical impact on internal investigations

All businesses will be aware that the EU General Data Protection Regulation (GDPR), which took effect on 25 May 2018...

25/07/2018

GDPR

Update to UK Information Commissioner's Office fees for data controllers: when and what to pay

12/06/2018

Regulatory Outlook

UK Regulatory Update | May 2018

25/05/2018

GDPR

GDPR and share plans

12/04/2018

IT and data

Transfers of personal data outside the EEA – what's new?

05/10/2017

GDPR

New data portability rights under the GDPR for users of gameplay sharing platforms

08/09/2017

GDPR

UK government sets out proposals for Data Protection Bill and GDPR

16/08/2017

GDPR

The GDPR: what do you need to do if you own or manage property?

11/08/2017

GDPR

[Infographic] GDPR compliance for HR

08/08/2017

GDPR

GDPR and "consent" in employment contracts: employers must take a new approach

03/08/2017

GDPR

General Data Protection Regulation: With 12 months to go what does this mean for HR?

06/06/2017

Workforce Solutions

Helping recruiters to be GDPR-ready: 12 months to go

17/05/2017

GDPR

Are you ready for GDPR compliance?

28/04/2017

Tech, Media and Comms

EU General Data Protection Regulation - A UK perspective on its key aspects

22/03/2017

GDPR

[Infographic] The GDPR: 10 things adtech businesses need to know

22/03/2017

The GDPR: 10 things adtech businesses need to know

22/03/2017

Tech, Media and Comms

Article 29 Working Party issues guidance on key aspects of EU General Data Protection Regulation

20/12/2016

Tech, Media and Comms

Across the finish line: the European Parliament formally adopts the General Data Protection Regulation

15/04/2016

IT and data

The GDPR is on the home straight: the Council of the European Union formally adopts a revised version of the General Data Protection Regulation at first reading

17/02/2016

View all insights

Regulatory Outlook

Data Protection | UK Regulatory Outlook May 2023

EDPB publishes guide for small businesses | Italian Data Protection Authority un-bans ChatGPT | CJEU case on the right to...

25/05/2023

Regulatory Outlook

Data Protection | UK Regulatory Outlook May 2023

25/05/2023

Artificial Intelligence

How to assess UK data privacy risk in artificial intelligence use

What data protection issues should be considered when processing personal data for AI purposes?

22/05/2023

Employment and pensions

GDPR for HR | Data protection guidance on artificial intelligence

Welcome to this month's edition of our GDPR for HR newsletter, bringing you a snapshot of developments, cases and insights...

02/05/2023

Regulatory Outlook

Data protection | UK Regulatory Outlook April 2023

UK ICO issues guidance for developers and users of generative AI | MEPs raise concerns over proposed new EU-US adequacy...

27/04/2023

Employment and pensions

GDPR for HR Newsletter March 2023 | Data protection guidance on processing health data

Welcome to this month's snapshot of developments, cases and insights relating to privacy in the workplace

13/03/2023

Regulatory and compliance

UK government reignites data protection reform

Changes to existing privacy framework proposed in updated Data Protection and Digital Information Bill

09/03/2023

Employment and pensions

UK Employment Law Coffee Break: Employment trends webinar, menopause and GDPR for HR

Welcome to our latest Coffee Break in which we look at the legal and practical developments impacting UK employers

02/02/2023

IT and data

Biden paves way for EU-US Data Privacy Framework and UK-US adequacy agreement

Is post-Schrems II legal certainty on the horizon for transatlantic data processing?

18/10/2022

Employment and pensions

GDPR for HR | The gig economy, DSAR tips and data protection abroad

Welcome to this fourth edition of our GDPR for HR newsletter - bringing you a snapshot of developments, cases and...

03/10/2022

Employment and pensions

GDPR for HR | AI in recruitment, EU employee transparency legislation, data privacy legislation in the US and more

Welcome to this third edition of our GDPR for HR newsletter - bringing you a snapshot of developments, cases and...

05/09/2022

Regulatory and compliance

UK government formalises data protection reform following consultation

Changes to existing privacy framework proposed in Data Protection and Digital Information Bill

08/08/2022

IT and data

UK government proposes clamp down on use of data subject access requests as a litigation tactic

Consultation response suggests that an inappropriate 'purpose' for making a DSAR could soon be a reason to refuse to respond

05/08/2022

Employment and pensions

Employment Law Coffee Break | GDPR for HR, drafting employment contracts and a round-up of recent developments

Welcome to our latest Coffee Break in which we look at the latest legal and practical developments impacting UK employers.

04/08/2022

Employment and pensions

GDPR for HR | Accessing employees' non-work related emails, Brexit, DSARs and more

Welcome to the second edition of our GDPR for HR newsletter - bringing you a snapshot of developments, cases and...

02/08/2022

Data-driven business models

How to respond to a ransomware attack – an illustrative example

Cyber attacks have become a fact of life. They are a persistent and real risk for any business, with the...

14/06/2022

Read time 13m

Regulatory and compliance

Ten top tips for handling data subject access requests

Are you handling each DSAR you receive in a way that appropriately balances risk and cost?

23/05/2022

Regulatory and compliance

The Queen's Speech - Data Reform Bill announced

UK government heralds next step in process of diverging from EU data protection regime, but extent of divergence not yet...

13/05/2022

Read time 3m

Digitalisation

Sport looks to artificial intelligence to deliver competitive edge

As teams and coaches turn to AI data to enhance success, what are the legal challenges and what is on...

25/04/2022

IT and data

UK international data transfer agreements laid before Parliament

Businesses relieved of uncertainty regarding data transfers outside of the UK as the ICO signals that agreements are almost finalised

03/02/2022

Tech, Media and Comms

Legislators worldwide move to adopt regulation by design

A new form of regulation is emerging that will help keep pace with developments in artificial intelligence

24/01/2022

GDPR

New guidance emerging on cross-border data transfers: an overview

Businesses wondering what they need to do to ensure their cross-border data transfers remain compliant will welcome new European-level guidance...

17/11/2020

GDPR

New guidance emerging on cross-border data transfers: what does this mean for businesses?

17/11/2020

IT and data

ICO signals its intentions on cyber security: large companies need to lead by example

The ICO has issued DSG Retail Limited, the owner of Currys PC World and Dixons Travel stores, with a sizeable...

17/01/2020

IT and data

The e-Privacy Regulation: latest delays leave important questions unanswered

03/12/2019

Workforce Solutions

What are the key Digital Transformation issues for Recruitment and Workforce Solutions companies?

26/09/2019

Brexit

Data protection and privacy: are you Brexit-ready for any outcome?

05/09/2019

Retail and Consumer

Doing retail in Europe | Some recent legal challenges in the market

30/08/2019

GDPR

Learning from the British Airways and Marriott International fines: What organisational measures should companies be implementing?

29/08/2019

GDPR

Learning from the British Airways and Marriott International fines: What does the GDPR standard of "Appropriate Technical and Organisational Measures" actually mean?

29/08/2019

IT and data

Privacy, piracy and protectionist agendas | Barriers to enabling digital trade in a 4.0 world

Industrial revolution has always gone hand-in-hand with international trade, and the barriers that can create. So, it is no surprise...

28/08/2019

GDPR

GDPR one year on | What have we learned and what's next for data protection?

At a recent series of events, we shared learnings from the UK and beyond, one year on from the implementation...

15/07/2019

IT and data

Another day, another huge fine: Marriott International announces ICO's intent to fine it £99.3m for data breach

10/07/2019

IT and data

British Airways facing fine of £183.39m as ICO plans to issue its first GDPR monetary penalty

08/07/2019

GDPR

One year on: GDPR for EU HR

The first year of the GDPR has kept HR teams busy. From HR data mapping and audits, contract of employment...

24/05/2019

GDPR

GDPR nine months on | What should you be thinking about now?

25/02/2019

IT and data

Threat information sharing and GDPR | A lawful activity that protects personal data

02/01/2019

Blockchain

Blockchain and GDPR: beyond the right to be forgotten

In September 2018, the French data protection authority (CNIL) issued a report considering Blockchain technology from a personal data protection...

26/11/2018

IT and data

New Deal for Consumers: European Data Protection Supervisor concerned reforms could undermine GDPR

In an Opinion published on 5 October 2018, the European Data Protection Supervisor has raised concerns and made some significant...

07/11/2018

GDPR

Criminal convictions checks under the GDPR

Following the implementation of the EU General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018 (DPA), UK...

10/09/2018

GDPR

100 days of GDPR | Session 5: Security and data incidents

With increased fines for data breaches under GDPR, how have companies responded to potential data security issues?

07/09/2018

GDPR

100 days of GDPR | Session 4: HR risk

Consent, data and diversity - how has GDPR been applied in HR?

06/09/2018

GDPR

The GDPR is on the home straight: the Council of the European Union formally adopts a revised version of the General Data Protection Regulation at first reading

17/02/2016

View all insights

Dr Flemming Moos

Partner, Specialist lawyer for IT law, Germany

+49 40 55436 4054 Email Flemming Full biog

Mark Taylor

Partner, Head of Digitalisation, UK

+44 20 7105 7640 Email Mark Full biog

Rafael García del Poyo

Partner, Spain

+34 91 576 44 76 Email Rafael Full biog

Benjamin Docquir

Partner, Belgium

+32 2 515 93 36 Email Benjamin Full biog

Claire Bouchenard

Partner, France

+33 1 84 82 45 30 Email Claire Full biog

Dr Marc Störing

Partner, Germany

+49 221 5108 4266 Email Marc Full biog

Georgina Graham

Partner, UK

+44 117 917 3556 Email Georgina Full biog

Marialaura Boni

Senior Associate, Italy

+39 02 5413 1730 Email Marialaura Full biog

Dr Jens Schefzig

Partner, Germany

+49 40 55436 4054 Email Jens Full biog

Gianluigi Marino

Partner, Head of Digitalisation, Italy

+39 02 5413 1769 Email Gianluigi Full biog

Will Robertson

Partner, UK

+44 117 917 3660 Email Will Full biog

Tamara Quinn

Partner, UK

+44 207 105 7066 Email Tamara Full biog

Belgium

France

Germany

Italy

The Netherlands

Spain

Poland

China

Sweden

Singapore

USA

India

Search results

Belgium

France

Germany

Italy

The Netherlands

Spain

Poland

China

Sweden

Singapore

USA

India

Insights

GDPR

Article list