Technology, Data and Privacy

Hosted by Fieldfisher

Business

Website RSS feed

Episodes

Latest episode

May 2026

Language

EN-GB

About the show

Fieldfisher's European team of tech, data and privacy lawyers bring you the latest updates from the rapidly evolving world of data privacy, regulation, AI, automation. and robotics.

Listen to episodes

34 recent

May 15, 2026Episode 413 min

Data and Privacy Matters: Legal Updates - April 2026

Nuria Pastor, Hannah Wallet, and Sophia Steiger round up key data and privacy news from April 2026. They discuss developments from Europe as the EDPB adopts new guidelines on the processing of personal data for scientific research and a new DPIA template. The ICO is the next focus and the team looks at a joint report concerning agentic AI, a new Code of Practice on AI and Automated Decision Making Regulations together with the new guidance on storage and access technologies. The relationship between children and social media remains a hot topic and the team discuss the latest developments across different jurisdictions. The team looks at the judgment in RTM v Bonne Terre Ltd & Hestview Ltd[2025] EWHC 111 (KB) which examines the objectivity of "consent" under the UK GDPR and PECR. The episode then discusses the trend with privacy-related fines in the US before finishing with some recent high-profile data breaches from across Europe and the globe, and the lessons that can be learnt from these incidents.Find the sources here: Data and Privacy Matters: Legal Updates - April 2026

April 21, 2026Episode 325 min

Data and Privacy Matters: Legal Updates - March 2026

In the March edition of Data & Privacy Matters, the Fieldfisher Tech and Data team round up key UK and EU developments across data protection, online safety, cybersecurity, and digital regulation. They begin with the ICO’s draft updated guidance on automated decision‑making and profiling, published following the Data Use and Access Act 2025. The guidance clarifies when automated decision‑making rules apply, what meaningful human involvement looks like, and signals a shift towards a more permissive “right to challenge” model.Staying with the ICO, they discuss updated purpose limitation guidance, which tightens expectations around compatibility assessments and record‑keeping where personal data is reused, particularly where consent was the original lawful basis.Children’s online safety remains a major focus this month. The team cover the joint ICO and Ofcom statement on age assurance under the Online Safety Act, alongside potential European Commission enforcement under the Digital Services Act, reflecting increased regulatory scrutiny of age assurance, default settings and systemic risk.European developments continue with draft guidance on the Cyber Resilience Act, clarification on software scope, and the closure of the Digital Fitness Check consultation under the Commission’s Digital Omnibus initiative.They conclude with enforcement and litigation updates, including the CJEU’s Brillen Rottler ruling on abusive DSARs and a cyber incident at UK Companies House.Find the sources here.

March 19, 2026Episode 218 min

Data and Privacy Matters: Legal Updates - February 2026

Tune in to the action-packed latest episode of Fieldfisher's Data & Privacy Matters podcast, as Camille Ebden, Melanie Ludolph and Rida Ahmed look at the key data and privacy news from February 2026.Read more here.

February 19, 2026Episode 125 min

Data and Privacy Matters: Legal Updates - January 2026

The episode starts with a discussion of the EDPB's consultation regarding the Processor Binding Corporate Rules (BCR-Ps). The consultation seeks feedback on the EDPB's draft recommendations on the BCR-Ps which include standardisation measures and various clarifications and explanations, alongside discussion on the scope of the BCR-Ps.The team then speaks about recent developments in online safety for children. As discussed last episode, it truly does seem to be the year of the child when it comes to international data protection. First, the podcast discusses the Global Online Safety Regulators Network's joint statement on shared principles for the adoption of age-assurance technologies. The UK government's consultation into children's access to social media is also explored, and finally the podcast reviews the EU push for age-based restrictions to social media.The podcast then summarises news from the UK. The episode looks at the ICO's new powers and the new criminal offences under the Data (Use and Access) Act 2025. Recent investigations are then discussed, with a focus on Grok and Meta who are under scrutiny from the ICO and Ofcom. Before moving on to the EU, the team also touch on various structural developments to the ICO and Ofcom, with a formal cooperation agreement established between Ofcom and the Internet Watch Foundation, and updated ICO guidance published on Rights of Access and International Data Transfers.On the EU front there was a range of matters requiring the podcast's attention this month. The diverse topics explored include the EU-Brazil adequacy decision, the Irish X Internet Unlimited Company litigation, an EU Digital Omnibus update, negotiations regarding the detection of online CSAM and new Regulation (EU) 2025/2518.The episode is wrapped up with mentions of significant fines and enforcements, including various French CNIL fines ranging from €3.5 million to €27 million and the European Commission's preliminary findings that TikTok is in breach of the Digital Services Act (although we note a final decision has not yet been reached).With the volume of continuous developments in the data and privacy ecosystem, it can be hard to stay on top of the key news stories. This is a must-listen podcast to catch up on notable data and privacy news in the past month and consider what your business or organisation needs to be doing in response.Find the source of news discussed here.

January 19, 2026Episode 1225 min

Data and Privacy Matters: Legal Updates - December 2025

In the latest privacy podcast episode Anna Rawlinson, Lorna Cropper and Harry Barder delve into the data and privacy stories that captured their attention throughout December 2025. Join them as we explore developments and new stories that are impacting businesses and organisations, including:updates to the rules and regulations applicable to children's use of online services from across the globe in Australia to here in the UK;recent developments from Ofcom, including insights into recent fines issued;updates from the ICO including their response to the Cyber Security and Resilience Bill and their revised Right of Access guidance;news from the EU, including an analysis of the practicality of a single cyber-reporting hub in the EU and the CJEU's ruling on X v Russmedia Digital SRL and Inform Media Press SRL; andvarious fines and enforcement actions during the month.Read more here: Data and Privacy Matters: Legal Updates - December 2025

December 12, 2025Episode 1120 min

Data and Privacy Matters: Legal Updates - November 2025

Tune in to the action-packed latest episode of Fieldfisher's Data & Privacy Matters podcast, as Camille Ebden, Tessa Waite and Rida Ahmed look at the key data and privacy news from November 2025. They dive into the latest news on the much anticipated publishing of the EU Digital Omnibus Regulation Proposal and how this aims to simplify and harmonise digital regulations in the EU. After discussing the CJEU's Inteligo Media decision which impacts the interpretation of e-marketing rules under the ePrivacy Directive, the team consider international data transfer developments in India, Brazil the US and China. This is followed by discussions around the latest Online Safety Act implementation from Ofcom and the publishing of the UK's draft Cyber Security and Resilience Bill. Finally, the team consider the latest from the ICO and highlight the key fines and enforcements that have occurred throughout the month. A list of sources of the news discussed can be found here.

November 14, 2025Episode 1025 min

Data and Privacy Matters: Legal updates - October 2025

In the latest episode of Fieldfisher’s Data and Privacy Matters podcast, hosts Lorna Cropper, Emma Yaltaghian and Sophie Gosling provide a comprehensive roundup of the key legal developments from October 2025. The team start by discussing the Irish DPC’s €530 million fine against TikTok, with the regulator finding that TikTok had not applied appropriate safeguards when transferring data to China and had fallen short on its transparency obligations. The team also reviewed the EDPB’s opinion on the UK’s adequacy decision, which welcomed continued alignment with EU standards but raised concerns over new ministerial powers introduced under the Data (Use and Access) Act. They continue with coverage of the ICO’s successful appeal against Clearview AI, confirming that the regulator can take enforcement action against overseas organisations processing UK residents' data - even if they are third party controllers and do not engage in such monitoring themselves. The ICO’s ongoing consultations were also discussed, including new guidance on enforcement and the upcoming charitable purpose soft opt-in for direct marketing.The team reflects on the high-profile case of former MasterChef host Gregg Wallace, who brought legal action against the BBC for delayed responses to his data subject access requests, highlighting the operational and reputational risks of mishandled DSARs.Finally, the team discusses several major enforcement actions. Capita was fined £14 million following its 2023 ransomware attack, Grindr’s €6.5 million penalty for unlawful data sharing was upheld in Norway, and the Dutch DPA fined Experian €2.7 million for unlawful credit profiling.

October 21, 2025Episode 916 min

Data & Privacy Matters: Legal Updates – September 2025

In the latest episode of Fieldfisher's Data and Privacy Matters podcast, hosts Martin McElroy, Anna Rawlinson and Rida Ahmed provide a comprehensive roundup of the key legal developments from September 2025. Read more here: Data and Privacy Matters: Legal Updates - September 2025

September 17, 2025Episode 828 min

Data and Privacy Matters: Legal updates – August 2025

In this latest episode of Fieldfisher’s Data and Privacy Matters podcast, hosts Anna Rawlinson, Lorna Cropper and Emma Yaltaghian provide a comprehensive roundup of the key legal developments from August 2025.The team start by discussing the growing criticism of the EU’s digital regulations, including the Digital Services Act and AI Act, with concerns about their impact on innovation. They also touch on the EU Data Act, effective September 2025, which brings new rules on data access and interoperability. Discussion then turns to ICO consultations on the new lawful bases of recognised legitimate interests and complaints procedure. Attention is also give to the Online Safety Act which now requires strict age verification for adult content and the surge in VPN use. The podcast also covers legal challenges to consent models, increased oversight of influencer marketing, and major enforcement actions, including sizeable fines in Spain and Poland.

August 13, 2025Episode 724 min

Data & Privacy Matters: Legal Updates – July 2025

In the latest episode of Fieldfisher’s Data and Privacy Matters podcast, hosts Lorna Cropper, Emma Yaltaghian and Leo McSweeney provide a comprehensive roundup of the key legal developments from July 2025. The team start by discussing how the ICO released guidance to prevent data breaches in document disclosure and how the European Commission has reviewed the UK's adequacy decision. Focus then turns to AI advancements, including the European Commission’s AI Code of Practice and the UK’s digital library for AI guidance.Lorna reports on the GDPR’s positive impact on cybersecurity by way of the CNIL's report, showing reduced identity theft across the EU before highlighting OFCOM's children's codes of practice, which became effective in July and aim to improve online safety for children.The episode wraps up with significant enforcement news, including a major inquiry into a data breach affecting Afghan and British military officials and an £18,000 fine imposed on a Scottish charity for the unauthorised destruction of personal records.