Cyber and Information security

Cyber and data breaches: the questions that always arise

Lawson Caisley

When a company is the victim of a cyber attack or data breach, a number of crucial questions will have to be answered immediately.  These include: Must we involve the police? Do we need to pursue urgent civil remedies for real protection? Can/should we pay a ransom? When do we report to regulators? When do Read More

No Comments

Should we be Surprised by the Latest ICO Fines?

David Smith

Like many others in the data protection world I was initially taken aback by the size of latest fines proposed by the ICO. The idea of fining British Airways in excess of £183m and Marriott International nearly £100m for data breaches that in pre-GDPR days would have attracted fines of no more than £500,000, and Read More

No Comments

ICO bares its teeth with plans to issue over £280m in fines

Adam Smith

Those in the travel sector would be forgiven for feeling rather nervous after the UK’s Information Commissioner’s Office (ICO) announced plans to issue major fines to British Airways and Marriott International following separate data breach incidents in 2018. On 8 June 2019, the ICO issued a statement of its intention to fine British Airways £183.39m Read More

No Comments

The effect of the new UK cybersecurity laws

Charlotte Mullarkey

On 10 May the Network and Information Systems Regulations 2018 came into force in the UK. These implement the EU NIS Directive, EU-wide rules on cybersecurity. The NIS Directive had to be transposed into Member State laws by 9 May 2018. Many Member States have not met the deadline. Which companies are caught? The UK Read More

No Comments

Using artificial intelligence to fight financial crime – a legal risk perspective

Ian Rodgers

The Head of the Financial Crime Department at the UK Financial Conduct Authority (the FCA), Rob Gruppetta, gave a speech on “Using artificial intelligence to keep criminal funds out of the financial system” in December 2017 (1). In it, he explored how artificial intelligence (AI) could potentially be used to prevent financial crime, and for Read More

No Comments

US Consumer Financial Protection Bureau guidelines for third-party financial data sharing

Jacob Reed

On October 18, the U.S. Consumer Financial Protection Bureau (CFPB) published nine principles for the protection of consumers in the emerging financial data aggregation industry. The CFPB, which is charged with ensuring consumer access to fair and transparent financial services, emphasized that the principles are not intended as guidance on existing laws and regulations and Read More

No Comments