The episode starts with a discussion of the EDPB's consultation regarding the Processor Binding Corporate Rules (BCR-Ps). The consultation seeks feedback on the EDPB's draft recommendations on the BCR-Ps which include standardisation measures and various clarifications and explanations, alongside discussion on the scope of the BCR-Ps.

The team then speaks about recent developments in online safety for children. As discussed last episode, it truly does seem to be the year of the child when it comes to international data protection.  First, the podcast discusses the Global Online Safety Regulators Network's joint statement on shared principles for the adoption of age-assurance technologies. The UK government's consultation into children's access to social media is also explored, and finally the podcast reviews the EU push for age-based restrictions to social media.

The podcast then summarises news from the UK. The episode looks at the ICO's new powers and the new criminal offences under the Data (Use and Access) Act 2025. Recent investigations are then discussed, with a focus on Grok and Meta who are under scrutiny from the ICO and Ofcom. Before moving on to the EU, the team also touch on various structural developments to the ICO and Ofcom, with a formal cooperation agreement established between Ofcom and the Internet Watch Foundation, and updated ICO guidance published on Rights of Access and International Data Transfers.

On the EU front there was a range of matters requiring the podcast's attention this month. The diverse topics explored include the EU-Brazil adequacy decision, the Irish X Internet Unlimited Company litigation, an EU Digital Omnibus update, negotiations regarding the detection of online CSAM and new Regulation (EU) 2025/2518.

The episode is wrapped up with mentions of significant fines and enforcements, including various French CNIL fines ranging from €3.5 million to €27 million and the European Commission's preliminary findings that TikTok is in breach of the Digital Services Act (although we note a final decision has not yet been reached).

With the volume of continuous developments in the data and privacy ecosystem, it can be hard to stay on top of the key news stories. This is a must-listen podcast to catch up on notable data and privacy news in the past month and consider what your business or organisation needs to be doing in response.

Find the source of news discussed here.

In the latest privacy podcast episode Anna Rawlinson, Lorna Cropper and Harry Barder delve into the data and privacy stories that captured their attention throughout December 2025. Join them as we explore developments and new stories that are impacting businesses and organisations, including:

• updates to the rules and regulations applicable to children's use of online services from across the globe in Australia to here in the UK;
• recent developments from Ofcom, including insights into recent fines issued;
• updates from the ICO including their response to the Cyber Security and Resilience Bill and their revised Right of Access guidance;
• news from the EU, including an analysis of the practicality of a single cyber-reporting hub in the EU and the CJEU's ruling on X v Russmedia Digital SRL and Inform Media Press SRL; and
• various fines and enforcement actions during the month.

Read more here: Data and Privacy Matters: Legal Updates - December 2025

Tune in to the action-packed latest episode of Fieldfisher's Data & Privacy Matters podcast, as Camille Ebden, Tessa Waite and Rida Ahmed look at the key data and privacy news from November 2025. 

They dive into the latest news on the much anticipated publishing of the EU Digital Omnibus Regulation Proposal and how this aims to simplify and harmonise digital regulations in the EU. After discussing the CJEU's Inteligo Media decision which impacts the interpretation of e-marketing rules under the ePrivacy Directive, the team consider international data transfer developments in India, Brazil the US and China. This is followed by discussions around the latest Online Safety Act implementation from Ofcom and the publishing of the UK's draft Cyber Security and Resilience Bill. Finally, the team consider the latest from the ICO and highlight the key fines and enforcements that have occurred throughout the month.  

A list of sources of the news discussed can be found here. 

 In the latest episode of Fieldfisher’s Data and Privacy Matters podcast, hosts Lorna Cropper, Emma Yaltaghian and Sophie Gosling provide a comprehensive roundup of the key legal developments from October 2025. 

The team start by discussing the Irish DPC’s €530 million fine against TikTok, with the regulator finding that TikTok had not applied appropriate safeguards when transferring data to China and had fallen short on its transparency obligations. The team also reviewed the EDPB’s opinion on the UK’s adequacy decision, which welcomed continued alignment with EU standards but raised concerns over new ministerial powers introduced under the Data (Use and Access) Act. 

They continue with coverage of the ICO’s successful appeal against Clearview AI, confirming that the regulator can take enforcement action against overseas organisations processing UK residents' data - even if they are third party controllers and do not engage in such monitoring themselves. The ICO’s ongoing consultations were also discussed, including new guidance on enforcement and the upcoming charitable purpose soft opt-in for direct marketing.

The team reflects on the high-profile case of former MasterChef host Gregg Wallace, who brought legal action against the BBC for delayed responses to his data subject access requests, highlighting the operational and reputational risks of mishandled DSARs.

Finally, the team discusses several major enforcement actions. Capita was fined £14 million following its 2023 ransomware attack, Grindr’s €6.5 million penalty for unlawful data sharing was upheld in Norway, and the Dutch DPA fined Experian €2.7 million for unlawful credit profiling.

In the latest episode of Fieldfisher's Data and Privacy Matters podcast, hosts Martin McElroy, Anna Rawlinson and Rida Ahmed provide a comprehensive roundup of the key legal developments from September 2025. 

Read more here: Data and Privacy Matters: Legal Updates - September 2025

In this latest episode of Fieldfisher’s Data and Privacy Matters podcast, hosts Anna Rawlinson, Lorna Cropper and Emma Yaltaghian  provide a comprehensive roundup of the key legal developments from August 2025.

The team start by discussing the growing criticism of the EU’s digital regulations, including the Digital Services Act and AI Act, with concerns about their impact on innovation. They also touch on the EU Data Act, effective September 2025, which brings new rules on data access and interoperability. 

 Discussion then turns to ICO consultations on the new lawful bases of recognised legitimate interests and complaints procedure.  Attention is also give to the Online Safety Act which now requires strict age verification for adult content and the surge in VPN use.

 The podcast also covers legal challenges to consent models, increased oversight of influencer marketing, and major enforcement actions, including sizeable fines in Spain and Poland.

In the latest episode of Fieldfisher’s Data and Privacy Matters podcast, hosts Lorna Cropper, Emma Yaltaghian and Leo McSweeney provide a comprehensive roundup of the key legal developments from July 2025. 

The team start by discussing how the ICO released guidance to prevent data breaches in document disclosure and how the European Commission has reviewed the UK's adequacy decision. Focus then turns to AI advancements, including the European Commission’s AI Code of Practice and the UK’s digital library for AI guidance.

Lorna reports on the GDPR’s positive impact on cybersecurity by way of the CNIL's report, showing reduced identity theft across the EU before highlighting OFCOM's children's codes of practice, which became effective in July and aim to improve online safety for children.

The episode wraps up with significant enforcement news, including a major inquiry into a data breach affecting Afghan and British military officials and an £18,000 fine imposed on a Scottish charity for the unauthorised destruction of personal records.

In the latest episode of Fieldfisher’s Data and Privacy Matters podcast, hosts Martin McElroy, Emma Yaltaghian and David Horne provide a comprehensive roundup of the key legal developments from June 2025.

Read more, and find the sources here.

In the latest episode of Fieldfisher's Data and Privacy Matters podcast, hosts Martin McElroy, Anna Rawlinson and Leo McSweeney provide a roundup of the significant legal updates from May 2025.

We begin with the Irish Data Protection Commission’s engagement with Meta’s plans to train its generative AI models using public Facebook and Instagram content. We also cover the potential for legal challenges to Meta's plans from civil society as well as other Meta developments in Germany and their response to the EDPB’s ‘consent or pay’ opinion. 

Shifting focus to broader data protection issues, we discuss the EDPB’s positive opinion on the European Patent Organisation’s adequacy decision and its cautious stance on extending the UK’s adequacy status. We also consider the European Commission's proposed targeted GDPR compliance simplifications for a specific category of small mid-cap (SMCs) enterprises.

Enforcement actions continue across the EU, with the Irish DPC fining TikTok €530 million for unlawful data transfers to China, the Italian SA fining Luka Inc. €5 million over its AI chatbot, Replika and France’s CNIL penalising SOLOCAL €900,000 for unlawful marketing practices. 

In the UK, the Data Use and Access Bill faced amendments around AI transparency in the House of Lords, and the ICO responded to the major cyberattacks on several UK retailers. 

These updates underscore the intensifying regulatory focus on AI, cross-border data flows, and commercial data use—essential insights for anyone navigating the evolving digital compliance landscape.

Find the sources of news discussed here.

April was another eventful month in the world of data and privacy, so join us as we delve into the latest news in this month's episode of the Fieldfisher Data & Privacy Matters podcast.

Lorna Cropper, Matthew Gregson,  and Charley Guile dive into the recent developments regarding the use of personal data for training AI systems, highlighting new inquiries by the Irish Data Protection Commission and Meta's ongoing efforts in the EU. This episode also covers the European Commission's AI Continent Action Plan and provides actionable insights for organisations to comply with the upcoming EU AI Act. 

Read more here: