In the latest episode of Fieldfisher's Data and Privacy Matters podcast, hosts Martin McElroy, Anna Rawlinson and Leo McSweeney provide a roundup of the significant legal updates from May 2025.

We begin with the Irish Data Protection Commission’s engagement with Meta’s plans to train its generative AI models using public Facebook and Instagram content. We also cover the potential for legal challenges to Meta's plans from civil society as well as other Meta developments in Germany and their response to the EDPB’s ‘consent or pay’ opinion. 

Shifting focus to broader data protection issues, we discuss the EDPB’s positive opinion on the European Patent Organisation’s adequacy decision and its cautious stance on extending the UK’s adequacy status. We also consider the European Commission's proposed targeted GDPR compliance simplifications for a specific category of small mid-cap (SMCs) enterprises.

Enforcement actions continue across the EU, with the Irish DPC fining TikTok €530 million for unlawful data transfers to China, the Italian SA fining Luka Inc. €5 million over its AI chatbot, Replika and France’s CNIL penalising SOLOCAL €900,000 for unlawful marketing practices. 

In the UK, the Data Use and Access Bill faced amendments around AI transparency in the House of Lords, and the ICO responded to the major cyberattacks on several UK retailers. 

These updates underscore the intensifying regulatory focus on AI, cross-border data flows, and commercial data use—essential insights for anyone navigating the evolving digital compliance landscape.

Find the sources of news discussed here.

April was another eventful month in the world of data and privacy, so join us as we delve into the latest news in this month's episode of the Fieldfisher Data & Privacy Matters podcast.

Lorna Cropper, Matthew Gregson,  and Charley Guile dive into the recent developments regarding the use of personal data for training AI systems, highlighting new inquiries by the Irish Data Protection Commission and Meta's ongoing efforts in the EU. This episode also covers the European Commission's AI Continent Action Plan and provides actionable insights for organisations to comply with the upcoming EU AI Act. 

Read more here:

2025 is shaping up to be an exciting year for data and privacy. Dive into the hottest stories from March in this month's episode of the Fieldfisher Data & Privacy Matters podcast.

Listen here to keep updated!

Read more here.

February was another eventful month in the world of data and privacy, so join us as we delve into the latest news in this month's episode of the Fieldfisher Data & Privacy Matters podcast.

Martin McElroy, Matthew Gregson, and Jonathan Comfort kick off the episode with a look at the latest AI developments, including the European Commission's draft guidelines on prohibited AI practices and the continued scrutiny of the Chinese AI tool DeepSeek by various EU authorities. We also comment on the Paris AI Summit and the expanding scope of the European Data Protection Board's ChatGPT task force which now covers broader AI enforcement.

Read more here.

January was a busy start to 2025 in the world of data and privacy so join us in this month's episode of the Fieldfisher's Data & Privacy Matters podcast to get some insight into the key news.

Lorna Cropper, Charley Guile, and Salma Eleyan start the episode discussing China's latest AI model, its industry impact, and the swift regulatory responses. They also delve into the UK government's AI Opportunities Action Plan and the ICO's reaction to this ambitious strategy.

Read more here.

Join the team as Lorna Cropper, Chloe Abbot and Anna Rawlinson discuss the European Data Protection Board’s (EDPB) opinion regarding AI models and personal data processing including the considerations that must be assessed on a case-by-case basis, particularly when using legitimate interests as a foundation for AI development.

Lorna then turns to the EU's progress on the General Purpose AI Code of Practice, which guides AI providers on compliance with the AI Act. This draft involves several working groups, and the next iteration is expected soon, aimed at ensuring seamless integration and practicality.

Anna follows on with updates on the ICO's consultation series on generative AI including lawful bases for using web-scraped data, the necessity for transparency, and the importance of designing AI products with data protection in mind from the outset. 

With the EU's digital strategy advancing, it's clear that the GDPR cannot be looked at in isolation and its interplay with the EU AI Act, the EU Data Strategy and the Digital Services Package is something the EDPB wants to receive more consideration, which it flags in its response to the EU's second GDPR evaluation report. 

The episode then covers the UK’s Data (Use and Access ) Bill, which proposes significant amendments to automated decision-making rules and multiple enforcement actions such as Italy's data protection regulator fining OpenAI €15 million for GDPR breaches and concludes with a discussion on Ofcom's new codes of practice aimed at addressing illegal online content under the UK's Online Safety Act.

Find the sources here.

In the latest episode of Fieldfisher's Data and Privacy Matters podcast, Nuria Pastor, Sophia Steiger and Elle Calam explore the key data and privacy news from November 2024. 

They take us through the latest on European data transfer developments, a wealth of newly published ICO guidance, codes and recommendations across a range of different sectors, UK and EU legislative updates and, last but not least, a round-up of the month's enforcement action! 

For a list of sources of the news discuss see here.

The latest episode of Fieldfisher's Data and Privacy Matters podcast, hosted by Nuria Pastor, Charley Guile, and Imogen Boffin, provides a roundup of major legal updates for September. Discussion topics include new EU standard contractual clauses, collaboration between the European Commission and EDPB, Californian legislation on AI deepfakes, NIST's new AI risk management program, and updates on AI-related legal actions involving Meta, LinkedIn, and Google. 

The episode also covers GDPR-related court rulings, including subsidiary fine calculations and supervisory authority discretion, as well as fines imposed by the French and Irish data protection authorities on businesses for GDPR violations.

In the latest episode of Fieldfisher's Data and Privacy Matters podcast, Camille Ebden, Anna Rawlinson and Sophia Steiger explore the key data and privacy news from October 2024. From the Data (Use and Access) Bill, headlines from across the EDPB, CJEU and ICO, cyber security regulatory updates and a round-up of the month's enforcement action, this is a jam-packed episode! 

For a list of sources of the news discuss see here.

In this action-packed eighth episode of Fieldfisher's Data & Privacy Matters podcast, Lorna Cropper, Martin McElroy and Laura Williams look at the key data and privacy news from August 2024.  

They take us through EU AI Act coming into force, the ICO's latest consultation on generative AI and the latest enforcement news from the EU and the UK. The episode explores the ICO's announcement in relation to social media and video sharing platforms and their children's privacy practices, how the new ICO privacy notice generator may help organisations and SMEs and the news that the ICO will be reviewing their fees. And to bring this episode to a close, the team will discuss the latest action taken against the Labour Party for failing to respond to SARs on time, a €290 million fine to Uber and a £6 million provisional fine against a software provider following a ransomware attack in August 2022, which disrupted the NHS and social care services.

A list of sources of the news discussed can be found here.