Ondrej Hajda

Subscribe to Ondrej Hajda's Posts
Contact:Read more about Ondrej Hajda

Today, the UK Department for Science, Innovation and Technology announced further details on the new transatlantic data flow mechanism for UK-to-US personal data transfers. In particular, the UK Secretary of State for Science, Innovation, and Technology today laid new adequacy regulations before the UK Parliament to give effect to the proposed arrangement. The deal, announced

The UK Government published its AI White Paper on 29 March 2023, setting out its proposals for regulating the use of artificial intelligence (AI) in the United Kingdom. The White Paper is a continuation of the AI Regulation Policy Paper which introduced the UK Government’s vision for the future “pro-innovation” and “context-specific” AI regulatory regime

On 25 April 2023, the UK Government announced the introduction of the Digital Markets, Competition and Consumers Bill (the “Bill”) into Parliament.1 The Bill, which reflects a key government priority of increasing consumer choice and competition, provides for:

  • Far-reaching new consumer protection powers to be conferred on the Competition & Markets Authority (the 

The UK Government has relaunched its efforts to reform the UK’s data protection regime, with the Data Protection and Digital Information Bill (No. 2) (the “Bill“) being introduced to Parliament on Wednesday 8 March. The Bill supersedes a previous version that was originally published in July 2022 (see our previous legal update).

Companies that rely on standard contractual clauses (“SCCs”) for transferring personal data from the European Economic Area (“EEA”) to jurisdictions not considered to offer an adequate level of data protection under the EU General Data Protection Regulation must ensure that none of their existing contracts use the old SCCs after 27 December 2022.

Businesses are

The UK Information Commissioner’s Office (the “ICO”) published new guidance on transfer risk assessments (“TRAs”) and a template for carrying out a TRA.

All businesses are required to carry out TRAs, also known as local law assessments or transfer impact assessments, when transferring personal data subject to the UK GDPR outside the United Kingdom using

The European Commission’s proposal to establish a European Health Data Space (“EHDS”) aims to improve access by individuals to their health data (primary use) and facilitate the re-use of health data for societal good across the European Union (secondary use).

While the draft EHDS regulation might easily get lost in an alphabet of

Companies that rely on standard contractual clauses for transferring personal data from the United Kingdom to jurisdictions not considered to offer an adequate level of data protection under the UK General Data Protection Regulation can no longer use the old EU standard contractual clauses in new contracts as of today, Wednesday 21 September 2022.

The UK Government has published its response to the consultation on its proposed reform of the UK’s data protection regime (which we have provided further information on in our previous legal update available here.) Whilst the UK Government has proposed several incremental reforms to the UK’s data protection laws that will diverge from the

On 25 May 2022, the European Commission published Questions and Answers for the New  Standard Contractual Clauses to provide practical guidance on the use of standard contractual clauses (SCCs) and help organisations with their General Data Protection Regulation (GDPR) compliance efforts. The Commission confirmed that the Q&A document will be regularly updated.

Continue reading.