This is the ODPA's monthly round-up of data-related developments from around the world.
On 6 September, the House of Lords passed the third reading of the UK Online Safety Bill. There was widespread coverage in the national media including the following:
On 7 September, a French MP announced plans to challenge the new transatlantic deal allowing companies to freely transfer data between the EU and US before the European Union’s General Court:
On 8 September, the UK’s Information Commissioner’s Office (ICO) published a summary of the ‘consensual audit’ of the Police Service of Northern Ireland which took place in May 2023 (before PSNI accidentally released details of their staff):
Police Service of Northern Ireland | ICO
On 12 September, reports focused on the Google anti-trust trial in Washington DC. During the hearing, the tech giant dismissed arguments that it is the world’s biggest search engine because of illegal practices:
https://www.bbc.co.uk/news/business-66790608
On 21 September, the UK-US Data Bridge was announced by the UK’s Department for Science, Innovation and Technology (DSIT) on 21 September and is due to enter into force on 12 October. If companies meet certain conditions, they will be able to transfer personal data to the US without using legal safeguards, such as Binding Corporate Rules (BCRs) and Standard Contractual Clauses (SCCs). This UK-US instrument follows the recently adopted EU-US version:
UK-US data bridge: explainer - GOV.UK (www.gov.uk)
On 24 September, the BBC reported on AI-generated naked images of young girls from a small town in southern Spain. The pictures were created using photos of the targeted girls fully clothed, many of them taken from their own social media accounts and processed by an app that generates an imagined image of the person without clothes on:
AI-generated naked child images shock Spanish town of Almendralejo - BBC News