David Erdos

Civil liberties groups call for inquiry into UK data protection watchdog Campaigners including Good Law Project describe ICO ‘collapse in enforcement activity’ after Afghan data breach

The final straw – the Information Commissioner's Office has decided NOT to investigate the Afghan data leak. It's time to investigate them!

Over 70 organisations and experts back ORG's call for an inquiry into the regulator's chronic failure to enforce data law.

www.theguardian.com/technology/2...

Civil liberties groups call for inquiry into UK data protection watchdog Campaigners including Good Law Project describe ICO ‘collapse in enforcement activity’ after Afghan data breach

What’s happened to the ICO’s enforcement regime?

We’ve signed @openrightsgroup.org’s letter calling for an inquiry after the data regulator declined to formally investigate the MoD over the Afghan data breach.
https://bit.ly/48gc9ZZ

A teddy bear equipped with AI was meant to be a child’s chat companion, but it eagerly jumped into topics like BDSM and “where to find knives.” The manufacturer stopped sales and cut off access. AI toys need strict filters, testing, and oversight or ot ends in a plush sewer. #AIact #GDPR

70+ organisations and experts demand action over failing ICO Over 70 civil society organisations, academics and data protection experts have urged the Chair of the Select Committee for Science Information and Technology to open an inquiry into the collapse in e...

With no investigation even of Afghan #databreach despite grave risk to c100K & just 2 UK #GDPR fines in 24/25, I'm proud to join 70+ orgs & experts call on Commons Sci & Tech Committee, which oversees the ICO, to investigate #dataprotection enforcement probs www.openrightsgroup.org/press-releas...

ChatGPT violated copyright law by ‘learning’ from song lyrics, German court rules OpenAI ordered to pay undisclosed damages for training its language models on artists’ work without permission

"Munich regional court sided in favour of Germany’s music rights society GEMA, which said ChatGPT had harvested protected lyrics by popular artists to “learn” from them" Paying for the lack of respect and permission
www.theguardian.com/technology/2...

Al Jazeera English on X: "Would Trump’s $1bn lawsuit against the BBC hold up in court? https://t.co/QczYzdg6L9 https://t.co/sPOoIiduda" / X Would Trump’s $1bn lawsuit against the BBC hold up in court? https://t.co/QczYzdg6L9 https://t.co/sPOoIiduda

Good to give input on @AJEnglish piece on barriers to #Trump action against #BBC. US #defamation law shields speech about public officials unless can show publisher knew was false or showed a reckless disregard for this. BBC is clear was unintentional. x.com/AJEnglish/st...

The PAC's findings raise further Qs about about the lack of ICO investigation or any formal regulatory action (even a mere reprimand) in response to this egregious #databreach which clearly arose from a long period of #dataprotection practices in grave violation of UK #GDPR.

Afghan data breach: MoD has not done enough to stop future similar incident, PAC warns - Committees - UK Parliament The Public Accounts Committee (PAC) is not confident that the MoD has done enough to reduce the risk of future incidents like the 2022 Afghan data breach.

The Committee is also clear that even now the MoD "has not done enough to stop future similar incident": committees.parliament.uk/committee/12... The cost of these errors, even only financially, dwarfs any impact which early and dissuasive use of penalties by ICO would have entailed.

Alongside grave individual impact, Public Accounts Committee finds that Afghan #spreadsheet #databreach will likely cost c£850m & arose within a context where the MoD "did not do enough to learn the lessons from previous data breaches" reported to ICO committees.parliament.uk/committee/12...

The Commission will introduce the Digital Omnibus on November 19, simplifying of the implementation of AI Act.

Here's the text shared by netzpolitik.org:
lnkd.in/dCTW36pS.

Fantastic lecture by @ukandeu.bsky.social Prof @anandmenon.bsky.social for the annual @eulegalstudies.bsky.social Mackenzie Stuart Lecture @cambridgelaw.bsky.social, chaired by Prof @cbarnard.bsky.social reflecting on the 2015 general election and inequality in the run up to the Brexit.

Afghan Data Breach and Resettlement Schemes - Committees - UK Parliament This inquiry will examine the circumstances behind and the consequences of a major data breach in February 2022 from the Ministry of Defence. The breach involved the personal data of thousands of Afghan applicants for resettlement to the UK and their families, potentially putting these people at risk of reprisals. The inquiry aims to understand how this breach could have been allowed to happen, and, once it had happened, whether successive Governments took well-informed and sensible decisions under cover of an unprecedented super-injunction. The inquiry will also examine the Government’s wider arrangements for the resettlement of eligible Afghans in the UK. While lived experience can inform the Committee's work, please be aware that the Committee does not consider or assist with individual cases.

Disappointing to see that the UK ICO has declined to submit any evidence to the Commons Defence Committee Inquiry into the circumstances behind, and consequences of, the #Afghan #spreadsheet #databreach, the most serious ever in UK public sector history: committees.parliament.uk/work/9327/af...

committees.parliament.uk/committee/24...

NYC Sued Over 'Voyeuristic' Police Surveillance System - Law360 A Brooklyn couple has filed a federal lawsuit alleging New York City uses a "voyeuristic" police surveillance system on all visitors and residents, which includes two police cameras that are aimed at ...

1984: We're behind schedule.

Couple sues because NYPD aims cameras into their bedroom and living room, perhaps due to their history of activism.

I hope they win but the precedents are mixed.
www.law360.com/cybersecurit...

Beyond #Afghan #databreach, the UK ICO faces increased scrutiny due to need to renew #dataprotection #adequacy. The European DP Board is urging much greater scrutiny of the robustness of its complaints handling & effectiveness of UK #GDPR sanctions and remedies: www.edpb.europa.eu/system/files...

Happy to announce that I'm giving a CIPIL seminar in Cambridge on Nov 20th, "Faithful or Traitor? The Right of Explanation in a Generative AI World", and it's attendance on zoom as well as in person but registration needed : see www.cipil.law.cam.ac.uk/press/events...

I shall be responding to this. It’s important. 👇

The ICO claim #UKGDPR complaints are arising "as people become more aware of their #dataprotection rights" & now propose to refuse investigation of many of these. In fact, complaints have been stable since #GDPR & but with ↓↓ regulatory action by ICO have ↑ since 2023: inforrm.org/2025/10/28/c...

The approach would inevitably lead to many noncompliant controllers, especially SMEs, not being subject to any form of @iconews investigation which would exacerbate the lack of respect for legal rights and duties which data subjects now experience. The plans should be opposed.

ICO now propose to reject investigation of many complaints unless there is a considerable number or increase concerning the same controller. With no investigation, the ICO would be unable to discharge its obligation to inform the complainant of the investigation outcome.

In reality, almost no complaints are being progressed within maximum period, it is far from clear that these are subject to appropriate investigation & ICO makes almost no use of its formal corrective powers (there were just 2 #dataprotection fines in 2024-25). Complaints have 📈

Under law ⚖️ ICO must investigate all #dataprotection complaints to the extent appropriate, respond consistently with need for strong enforcement and inform the data subject of the outcome of both the investigation and the complaint (providing a progress update within 3 months).

The UK Information Commissioner's Office is currently consulting (until this Friday) on its plans to change its response to #dataprotection including UK #GDPR complaints. Please do respond via ico.org.uk/about-the-ic...

Cause for Complaint: Assessing the ICO’s Proposed New Approach to Data Protection Complaints – David Erdos The Information Commissioner’s Office (ICO)’s data protection complaint handling performance is currently in very clear crisis.  Despite its pledge to assess and respond to 80% of such complaints w…

New blog on UK Information Commissioner's plan to reject investigation ‍of many #DataProtection complaints, an💡inconsistent with its obligation to inform all complainants of an investigation outcome & liable to fuel further disregard for the UK #GDPR especially among SMEs: inforrm.org/2025/10/28/c...

Great to see open-access volume on #dataprotection and #humanitarian action now out marking decade of @icrc.org & @unhcr.org frameworks🎉https://lnkd.in/eTTyttpw My chapter is on 1990 UN Guidelines role in promoting regulation alongside autonomy & derogations for humanitarian IOs.

⚠️ Grindr has violated the #GDPR for sharing users’ personal data for advertising purposes, according to the #Norwegian Court of Appeal. This decision sends a strong signal to the commercial surveillance industry. Read more about the decision below ⬇️

Good to see highlighting of ICO failure to investigate grave #Afghan #databreach or even keep decision record. Similar earlier breach is binding reason for action not reverse. UK #GPDR requires "dissuasive" steps but this is lacking bsky.app/profile/chio...
ukconstitutionallaw.org/2025/09/03/d...

#Australia, #Canada & #UK's joint action today brings #Commonwealth State recognition of #Palestine to 80%. It must now accept its special urgent responsibilities, set up a support Fund & revive Palestine's 1997 membership application: www.tandfonline.com/doi/full/10.... bsky.app/profile/leah...

Palestine and the modern Commonwealth: past engagements and future membership? All Commonwealth summit communiqués from the late 1960s through to the mid-1990s maintained a focus on the Palestinian conflict and highlighted approaches that could lead to its just resolution. Wh...

Not least given British mandate origins of today’s conflict, the #Commonwealth has a special responsibility. There’s more background, including the Commonwealth’s advocacy between 1967 and 1997 for a just resolution in Palestine in my open-access article: www.tandfonline.com/doi/full/10....

An aerial view showing destruction in Rafah after Israeli forces withdrawal Source: UNRWA

In midst of #Gaza horror &⬆️Recognition of #Palestine by Members (up to 80% by end Sept & 🤞more soon) it's good to see Stuart Mole, former Head of it's Secretary-General's Office, call for Palestine #Commonwealth membership pathway (paused since 1997) www.commonwealthroundtable.co.uk/general/poli...