The 2018 Marriott data breach was one of the biggest of its type in history, and was initially looking at receiving one of the biggest fines of £99 million. However, the UK ICO has reduced the penalty to £18.4 million.
The UK ICO has wrapped up a preliminary investigation into Snap's AI chatbot, and has indicated that it is failing to adequately address children's privacy risks. There are numerous concerns about AI chatbots that are not yet resolved, but children's privacy seems to have driven much of the early action from regulators.
Outgoing UK Information Commissioner Elizabeth Denham has suggested a shift in focus from individual cookie popups at each website to regulation of browsers and devices as the source of expressing user tracking preferences.
UK ICO has reached a provisional finding that TikTok failed to protect children's privacy from 2018 to 2020. If this finding holds up, TikTok could be on the hook for a £27 million fine.
Experian’s data broking department providing marketing analytics is in trouble with the UK ICO, requiring it to make major changes to its direct marketing services.
UK ICO is investigating claims of employee surveillance that include using tracking software to determine when and for how long employees were away from their desks.
A new Commissioner's Opinion issued by the UK's ICO reiterates the country's data protection standards and lays out its vision of future regulation plans for adtech companies.
The UK ICO guidelines specify that workplace monitoring must be disclosed to employees (along with its 'clearly defined' purpose), and the 'least intrusive' method must be used to accomplish the stated purpose.
Issuing GDPR fines is just the first step of the process; at some point they have to be collected, and the UK ICO is struggling to do that with only a 26% success rate.
One of the largest GDPR fines to date, the UK ICO's decision found that the travel giant was negligent due to ‘poor security arrangements’ creating a hole that was exploited for two months.