Beyond our Shores - May

Published: 31 May 2024

On 1 May 2024, the UK’s Information Commissioner’s Office and communications regulator Ofcom released a joint statement on the regulation of online services where online safety and data protection intersect. It outlined their plans to protect online users, promote compliance, support innovation, improve regulatory clarity, and achieve a coherent approach to regulation: A joint statement by Ofcom and the Information Commissioner’s Office on collaboration on the regulation of online services | ICO 

On 6 May 2024, the BBC reported that the personal information of an unknown number of serving UK military personnel has been accessed in a significant data breach: MoD data breach: MoD data breach: UK armed forces' personal details accessed in hack - BBC News (

On 7 May 2024, Ofcom published proposed measures to improve children’s online safety: 

On 15 May 2024, the BBC reported that female health monitoring apps are putting women at risk by "coercing" them into disclosing - and then poorly handling - highly sensitive data, according to new research:

On 16 May 2024, the Guardian published an article featuring testimonies from people affected by the UK contaminated blood scandal – regarded as the biggest treatment disaster in NHS history – who are unable to obtain compensation because they can’t access their medical information: ‘Why must I be a doctor, solicitor and detective?’: lost records block compensation for infected blood victims | Contaminated blood scandal | The Guardian

On 24 May 2024, the Bailiwick Express online newspaper published a report about a video being circulated on social media showing Guernsey Police forcibly restraining a man in police custody: Shared police CCTV footage triggers data protection investigation | Bailiwick Express

On 24 May 2024, the UK’s Data and Marketing Association urged the government and opposition parties to unite and pass the Data Protection and Digital Information Bill (DPDI), which updates the General Data Protection Regulation (GDPR) and the Data Protection Act 2018:  DMA calls for urgent passage of DPDI before election | DMA 

On 27 May 2024, Ireland’s Data Protection Commission (DPC) welcomed the outcome of two rounds of prosecution proceedings that were taken in Dublin District Courts. The cases were instigated by the DPC against two companies and in both cases, the DPC had previously issued warnings regarding previous complaints made to the Office:

On 28 May 2024, Forbes reported on data protection issues arising after the overturning of Roe vs. Wade in 2022 triggered profound concerns regarding digital privacy, especially among users of menstrual tracking apps. “This landmark decision raised fears for misuse of sensitive health data, as state laws concerning reproductive rights may allow access to personal reproductive health information”:

On 29 May 2024, the Atlantic Council, an American think tank which promotes international cooperation, published this article on the changing transatlantic geopolitics of data transfers: Who’s a national security risk? The changing transatlantic geopolitics of data transfers - Atlantic Council

On 30 May 2024, the BBC reported that IT system failures have been linked to the deaths of three patients and more than 100 instances of serious harm at NHS hospital trusts in England: NHS computer problems put patients at risk of harm (

On 31 May 2024, the BBC reported that staff at Santander bank and 30 million customers had been hacked. The bank, which employs 200,000 people worldwide, including around 20,000 in the UK, has confirmed data has been stolen: All Santander staff and millions of customers have data hacked - BBC News