Earlier this month (September 2022) Meta Platforms Ireland Limited (a subsidiary of Meta Inc (owner of numerous social media sites including Facebook, Instagram and WhatsApp) was fined €405 Million by Ireland’s Data Protection Commission (“DPC”) following an investigation into their handling of children’s data on Instagram, the fine being one of the largest of its kind issued by the regulator.
The UK Government recently published its AI policy paper, “Establishing a pro-innovation approach to regulating AI”. The paper sets out the policy the Government intends to pursue in the regulation of AI and adopts an interesting approach to the policing of a fast changing and constantly evolving sector.
The Outer House of the Court of Session’s decision in the Petition of Robert Bartosik [2022] CSOH 55 is one of a relatively limited number of Scottish decisions regarding breaches of the data protection principles. It provides a helpful glimpse into the court’s approach to the data protection principles and illustrates a willingness to consider the wider impacts of the processing, as well as an increasing scrutiny of the distress that breaches can cause.
In May 2022, the UK Government published the first part of its Product Security and Telecommunications Infrastructure Bill (“the Bill”). The Bill was published in light of the government’s National Cyber Strategy aiming to strengthen the UK’s cyber ecosystem and minimize security risks, allowing it take the lead in global cyber power. These aims might sound abstract, however, in an increasingly digital world it is essential that every business properly considers its cyber security.