The UK’s financial regulator has handed down a £16.4m fine to Tesco Bank for its failings in relation to a cyberattack in 2016, bringing to the fore questions of regulatory jurisdiction in a post...
On September 26, 2018, the Information Commissioner’s Office (ICO) announced that it had formally commenced enforcement proceedings against 34 organisations, including various financial...
On September 24, 2018, France’s data protection authority, the National Commission on Informatics and Liberty (Commission Nationale de l’Informatique et des Libertés - CNIL), published a study...
British Airways has confirmed that cardholders’ CVV numbers were accessed during a recent high-profile data breach, but said the highly sensitive information was not being stored internally.
Lawmakers in the Netherlands have touted the idea of a consent dashboard to be implemented by banks to help consumers manage access permissions given to third-party providers.
This practical guide provides an overview of the notion of “consent” under the General Data Protection Regulation (GDPR), based on the explanations given by the former Article 29 Working Party.
On August 13, 2018, the Act transposing the Network and Information Security Directive was published in the Portuguese official gazette. The act establishes a legal framework for the security of...
On August 2, 2018, HM Treasury published a discussion paper analysing the economic value of data and the challenges related to enhanced data-driven innovation. The paper is the first of a series of...
On May 15, 2018, the Data Protection Act 2018 of the Isle of Man entered into force under the order of the Council of Ministers. The act aims to enhance the protection of personal data and to...
On June 20, 2018, the Department for Digital, Culture, Media and Sport published a public consultation, in order to review the data controllers’ exemptions from paying charges to the Information...
On April 3, 2018, the Office of the Commissioner for Personal Data Protection launched a public consultation on a preliminary draft law implementing a number of the provisions of the General Data...
France’s data protection authority will be tasked with drafting guidelines on third-party access to non-payment accounts, after lawmakers failed to agree on broadening the scope of the revised...
New EU rules on data protection have had unintended consequences for firms fighting transaction laundering and fraud, due to restrictions placed on a global database seen as a critical resource by...
To help businesses comply with the GDPR, which applies across the European Union as of May 25, 2018, PaymentsCompliance provides a summary on guidance from European and national data protection...
The EU’s independent privacy watchdog has offered its interpretation of the interrelating issues between the revised Payment Services Directive (PSD2) and data protection requirements, amid...
On July 5, 2018 the Commission for Personal Data Protection issued clarification guidelines on when consent is not required for the processing of personal data, in line with the EU General Data...

Pages