Privacy

The UK's privacy regulator has imposed a £60,000 fine on an English law firm following a cyber attack that led to highly sensitive and confidential personal information being published on the dark web. The Information Commissioner's Office (ICO) found that Merseyside-based DPP Law Ltd had 

The Data Protection Commission (DPC) has launched an investigation into Elon Musk's X social media platform over its use of users' posts as AI training data. X Internet Unlimited Company (XIUC), known until the start of April 2025 as Twitter Internet Unlimited Company (TIUC), was notified last week

A prominent British businessman identified as the subject of allegations of sexual harassment and bullying by a member of the House of Lords, who used parliamentary privilege to circumvent a court injunction, did not suffer a violation of his privacy rights, the European Court of Human Rights has ru

The High Court has dismissed judicial review proceedings in respect of a data breach which allegedly compromised personal data on the applicant’s work phone. Delivering judgment for the High Court, Mr Justice Barry O’Donnell was satisfied that the clear import of the applicant’s co

The Court of Justice of the European Union (CJEU) has been asked whether ex-Catholics have a right under the GDPR to have their baptismal record erased upon request. A request for preliminary ruling was submitted in January by the Brussels Court of Appeal, which is hearing an appeal in a case brough

Northern Ireland's Independent Commission for Reconciliation and Information Recovery (ICRIR) has apologised for a "limited data breach" which disclosed the names of 25 people. The legacy body said it mistakenly disclosed the names — principally of individuals who were requesting investigation

Ireland's Data Protection Commission (DPC) is taking part in Europe-wide enforcement actions focused on the "right to be forgotten". The European Data Protection Board (EDPB) last week announced its co-ordinated enforcement framework (CEF) action for 2025, involving 32 data protection authorities ac

William Fry lawyers Rachel Hayes, Adele Hall and Aoife Keenan examine a Circuit Court decision awarding €7,500 in a personal data breach claim against a government agency. In M.H. v Child and Family Agency, a 2023 ex tempore judgment, the Circuit Court awarded the plaintiff €7,50

Matheson partner Davinia Brennan considers a recent decision clarifying the definition of "personal data breach". The Irish Data Protection Commission (DPC) recently imposed a €91 million fine on Meta Platforms Ireland Limited (MPIL), having found that it violated a number of provisions of the

Ireland's Data Protection Commission (DPC) has signed a joint declaration on AI alongside data protection authorities from the UK, Australia, South Korea and France. The two-page document reaffirms the authorities' commitment to implementing data governance that promotes innovative and privacy-

The General Court of the European Union has dismissed a challenge by Ireland's Data Protection Commission (DPC) to the powers of the European Data Protection Board (EDPB). Today's judgment from the Tenth Chamber of the General Court affirms the EDPB's authority to instruct national supervisory autho

Northern Ireland firm Carson McDowell has marked World Data Protection Day with the launch of a new specialist data action response team (DART).

Donald Trump's return to the White House has put the legality of EU-US data transfers in doubt once again, privacy campaigners have warned. Three of the four sitting members of the US Privacy and Civil Liberties Oversight Board (PCLOB) have reportedly been sacked by the new president, leaving the wa

The Competition and Consumer Protection Commission (CCPC) has been given responsibility for enforcing the EU Data Governance Act (DGA) in Ireland. The DGA aims to increase trust in data sharing by establishing a harmonised framework for data sharing and setting out certain basic requirements for wha

The Data Protection Commission (DPC) has published a new data protection toolkit for schools. The 73-page resource aims to assist schools in meeting their data protection obligations when processing the personal data of children.