How are NFT’s regulated in the UK?

Orange background, blue icon representing a privacy policy

The Financial Conduct Authority (FCA) has not yet provided guidance on NFT’s specifically with regards to regulation in the United Kingdom (UK). However, the FCA has distinguished between regulated tokens and unregulated tokens. Regulated tokens include security tokens which fall under the definition of specified investments under the Financial Services and Markets Act 2000 (Regulated […]

Are you ready to comply with the Children’s Code by 2 September 2021?

image to represent data protection

The Age Appropriate Design Code or Children’s Code came into force on the 2 September 2020. It has a twelve-month transition period which means organisations need to conform by 2 September 2021. The Code is a statutory code of practice under the Data Protection Act 2018. Data protection law recognises that the personal data of […]

UK and New Zealand sign data protection agreement

talking about personal data

The United Kingdoms (UK) Information Commissioner’s Office (ICO) and the New Zealand Office of the Privacy Commissioner (OPC) have signed a “memorandum of understanding” which recognises the two country’s shared objective to protect information rights. The memorandum puts in writing how the two authorities will further share, best practices and experiences, information, cooperate in projects […]

TikTok facing £1bn claim for ‘illegally’ collecting children’s data

image to represent data protection

TikTok and its parent company ByteDance is facing a data claim worth £1 billion over allegations that it illegally collected the personal information of children whilst they used its app. The claim has been filed at the High Court in England and Wales. The claimants have stated the defendants ‘deliberately violated United Kingdom and European […]

The Principles of Data Protection

talking about personal data

The General Data Protection Regulation (GDPR) which was implemented into United Kingdom (UK) law with the Data Protection Act 2018, sets out data protection principles that data controllers must comply with. They are as follows: The lawfulness, fairness, and transparency principle – Lawfulness: there are six lawful bases for the processing of data as set […]

How you can lawfully process data!

talking about personal data

To process personal data, you must have a valid lawful basis. There are six lawful bases for processing. The most appropriate basis will depend on your relationship with the individual. The requirement of most of the lawful bases is that the processing is ‘necessary’ for a specific purpose. You will not have a lawful basis […]

British Airways facing lawsuit over 2018 data breach


On 16 October 2020, the Information Commissioner’s Office (ICO) released a Penalty Notice against British Airways plc. It stated that ‘between 22 June and 5 September 2018, a malicious actor (the Attacker) gained access to an internal BA application through the use of compromised credentials for a Citrix remote access gateway. After gaining access to […]

News: ICO fines British Airways for its 2018 data breach

talking about personal data

The General Data Protection Regulations (GDPR) came into force in May 2018 and was incorporated into UK law with the Data Protection Act 2018 (DPA). The GDPR and DPA provided substantial fines compared to its predecessor. Companies can now be fined a maximum of ‘20 million Euros or 4% of the undertakings total annual worldwide […]

What is the Information Commissioner’s Office?

talking about personal data

The Information Commissioner’s Office (ICO) is an independent public authority which is the United Kingdoms (UK) data protection regulator. Its task is to uphold information rights for the UK public. It enforces the Data Protection Act and has responsibility for the Freedom of Information Act 2000, Privacy and Electronic Communications (EC Directive) Regulations 2003, and […]