Reddit Fined £14.47m by ICO for Children’s Privacy Failures — 2026
Reddit fined £14.47m by ICO for children's privacy failures under GDPR and DPA 2018. What this means for your organisation.
Articles
Practical guidance on UK GDPR, data protection, and privacy compliance. From ICO enforcement updates to implementation guides, we help you stay informed and compliant.
EDPB Launches 2026 Coordinated GDPR Enforcement on Transparency – What Teams Need to Prepare
The EDPB's 2026 coordinated enforcement action targets GDPR transparency. Learn what HR, marketing, and compliance teams should check now.
Minnesota MCDPA Is Already in Force — Is Your Organisation Compliant?
Minnesota's Consumer Data Privacy Act has been in force since July 2025. Check your MCDPA compliance now — enforcement is…
Advanced Computer Software Group Fined £3m by ICO for NHS Ransomware Data Breach — 2025
The ICO fined Advanced Computer Software Group £3m for the 2022 NHS ransomware data breach. Learn what this means for…
EU AI Act Prohibited Systems Ban Takes Effect — What HR and Compliance Teams Need to Know
The EU AI Act's prohibited systems ban is now in force. Here's what HR and compliance teams need to know…
ICO Updates Cookie Consent Rules Under the Data (Use and Access) Act — What Organisations Need to Do Now
The Data (Use and Access) Act 2025 creates five new PECR cookie consent exemptions from February 2026. What your organisation…
Indiana Consumer Data Protection Act — What Managers Need to Know in 2026
Indiana Consumer Data Protection Act (INCDPA) is now in force. The enforcement grace period ends July 1, 2026. What managers…
Reddit Fined £14.47m by ICO for Children’s Privacy Failures — 2026
Reddit fined £14.47m by ICO for children's privacy failures under GDPR and DPA 2018. What this means for your organisation.
Copyright vs. GDPR: The Tension in AI Training and Data Protection
Every dataset scraped from the internet to train an AI model contains two things: copyrighted material and personal data. A…
Cross-Border Data Breach Lawsuits: Courts Are Coming for You
An Estonian crypto company with no office in the US just got dragged into a California courtroom. A facial recognition…
Age Verification Is No Longer Optional: How Regulators Are Raising the Bar
In early 2026, regulators on both sides of the Atlantic fined platforms, blocked laws, and rewrote policy — all focused…
The UK Just Quietly Flipped the Switch on Automated Decisions
There’s a question doing the rounds in data protection circles: do the UK’s new automated decision-making rules actually change anything?…
UK Data Use and Access Act: What Changes on 5 February 2026 and How to Prepare
The UK’s Data (Use and Access) Act 2025 (DUAA) comes into force on 5 February 2026. Before you worry about…
AI Note Taking Tools and GDPR: Do You Need a New Lawful Basis?
Using AI tools for meeting notes and transcription? Find out whether you need a new lawful basis under UK GDPR…
ICO Launches Investigation into X and xAI Over Grok Deepfake Concerns
The Information Commissioner’s Office has announced formal investigations into X Internet Unlimited Company (XIUC) and X.AI LLC over concerns that…
Indiana INCDPA Fines: What We Know So Far
The Indiana Consumer Data Protection Act took effect on January 1 2026. The Indiana Attorney General has signaled an intention…
Rhode Island RIDTPPA Fines: What We Know So Far
The Rhode Island Data Transparency and Privacy Protection Act took effect on January 1 2026. The law is notable for…
Kentucky KCDPA Fines: What We Know So Far
The Kentucky Consumer Data Protection Act takes effect on January 1 2026. As of this writing, the law is not…
Minnesota CDPA Fines: What We Know So Far
The Minnesota Consumer Data Privacy Act took effect on July 1 2025. The law includes unique requirements like the right…
MODPA Fines: What We Know So Far
The Maryland Online Data Privacy Act took effect on October 1 2025, though it does not apply to processing activities…