A survey conducted in April and May 2023 revealed that around ** percent of the companies that do business in the European Union (EU) and the United Kingdom (UK) found it challenging to adapt to new or changing requirements of the General Data Protection Regulation (GDPR) or Data Protection Act 2018 (DPA). A further ** percent of the survey respondents said it was challenging to increase the budget because of the changes in the data privacy laws.

A survey conducted in April and May 2023 revealed that around 35 percent of organizations in the United States and 40 percent of organizations in the United Kingdom pay higher costs for international data transfers due to data privacy regulations, but they also find it manageable. Furthermore, approximately 35 percent of respondents from both countries think the regulations encourage businesses by guaranteeing that the data will be safeguarded in other countries.

A survey conducted in April and May 2023 found that less than half of the surveyed organizations in the United States and the United Kingdom (UK) had completed selected actions to comply with state data privacy laws in the United States. Around ** percent of the respondents had made a comparison of the United States' state-level privacy law frameworks. A further ** percent said they were in the process of doing so. Furthermore, ** percent of the respondents said they had updated privacy policies, while almost ** percent were in the process of planning and conducting data assessments.

This dataset is a central catalogue of Data Protection Impact Assessments (DPIAs) of smart city projects that collect personal information in public spaces. By publishing this in one place for the first time, it will enable public transparency and support good practice among operators. A DPIA helps to identify and minimise the risks of a project that uses personal data. Further information: DPIA registration form: https://www.london.gov.uk/dpia-register-form Information Commissioner DPIA: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/accountability-and-governance/data-protection-impact-assessments/

As of February 2025, the largest fine issued for violation of the General Data Protection Regulation (GDPR) in the United Kingdom (UK) was more than 22 million euros, received by British Airways in October 2020. Another fine received by Marriott International Inc. in the same month was the second-highest in the UK and amounted to over 20 million euros.

SAR Database contains details of staff & ex-staff Data Protection Act (DPA) SARs received by BIS (including predecessor departments BERR and DTI, and relevant Executive Agencies), and DECC.

A survey conducted in April and May 2023 among companies that do business in the European Union and the United Kingdom (UK) found that over half of the respondents, ** percent, felt very prepared for the General Data Protection Regulation (GDPR). A further ** percent of the companies believed they were moderately prepared, while ** percent said they were slightly ready to comply with the EU and UK privacy legislations.

A Data Protection Impact Assessment (DPIA) is one of the ways to find out what privacy risks people face when information is collected, used, stored, or shared about them. This helps the London Borough of Barnet find issues so that risks can be taken away or lowered to a level that is acceptable. It also cuts down on privacy breaches and complaints that could hurt the Council's reputation or lead to action by the Information Commissioner (the government watchdog). The London Borough of Barnet makes DPIAs public in with its Data Charter and the 2018 Data Protection Act and UK GDPR.

When it came to concerns regarding the protection of personal information shared with companies, 21 percent of adults in the United Kingdom (UK) claimed they were worried about said data being passed on to third parties. A slightly smaller percentage (16 percent) were concerned about falling prey to fraud or scams.

Underlying data for the publication of One-in, One-out: Statement of New Regulation [URN 11/P96A + 11/P96B + 12/P96A]

This dataset is about books. It has 4 rows and is filtered where the book is Data protection : a practical guide to UK and EU law. It features 7 columns including author, publication date, language, and book publisher.

The main project aims were to examine the human rights implications of rapidly developing technologies. As noted above, in an increasingly digitised world, technological developments and the collection, storage and use of 'big data' pose unprecedented challenges for the protection of human rights. The aim of the project was to examine the intersection of such technological developments and the ideals of human rights protection. The work focused on both positive and negative aspects of this relationship. As noted above, the core research aims were organised on these issues that cut across the threats and opportunities:1) How is the use of ICT and big data shaping the content and scope of rights? (2) How does the use of ICT and big data shape operational practices across state and non-state activities? What new theoretical questions and implications for human rights are generated? (3) What methodologies are needed to identify and document the misuse of modern technologies and the failure to comply with rights-based obligations? (4) How can the use of ICT and big data best support evidence-based approaches to human rights protection and advocacy? (5) What possibilities and limitations exist for regulating the collection, storage and use of ICT and big data by states and non-state actors? The deposited data largely focuses on interviews with law enforcement and security agency representatives about uses of digital technology. We found that an enthusiastic embrace of technnology often existed yet this was not always accompanied by the development of codes of practice, regulatory frameworks and operational guidence on how they should be used. In addition to a potential regulatory vacuum, such disconnects also placed additional burdens on law enforcement themselves as they sought to apply existing rules and regulations. This is something we have described in publications as 'surveillance arbitration'. We also include interviews with civil society actors and lawyers that interrogate these issues and associated digital rights campaigning matters in more detail.

Whilst this some of the requested information is held by the NHSBSA, we have exempted some of the figures under section 40(2) subsections 2 and 3(a) of the FOIA because it is personal data of applicants to the VDPS. This is because it would breach the first data protection principle as: a - it is not fair to disclose individual’s personal details to the world and is likely to cause damage or distress. b - these details are not of sufficient interest to the public to warrant an intrusion into the privacy of the individual. https://www.legislation.gov.uk/ukpga/2000/36/section/40 Information Commissioner Office (ICO) Guidance is that information is personal data if it ‘relates to’ an ‘identifiable individual’ regulated by the UK General Data Protection Regulation (UK GDPR) or the Data Protection Act 2018. The information relates to personal data of the VDPS claimants and is special category data in the form of health information. As a result, the claimants could be identified, when combined with other information that may be in the public domain or reasonably available. Online communities exist for those adversely affected by vaccines they have received. This further increases the likelihood that those may be identified by disclosure of this information. Section 40(2) is an absolute, prejudice-based exemption and therefore is exempt if disclosure would contravene any of the data protection principles. To comply with the lawfulness, fairness, and transparency data protection principle, we either need the consent of the data subject(s) or there must be a legitimate interest in disclosure. In addition, the disclosure must be necessary to meet the legitimate interest and finally, the disclosure must not cause unwarranted harm. The NHSBSA has considered this and does not have the consent of the data subjects to release this information and believes that it would not be possible to obtain consent that meets the threshold in Article 7 of the UK GDPR. The NHSBSA acknowledges that you have a legitimate interest in disclosure of the information to provide the full picture of data held by the NHSBSA; however, we have concluded that disclosure of the requested information would cause unwarranted harm and therefore, section 40(2) is engaged. This is because there is a reasonable expectation that patient data processed by the NHSBSA remains confidential, especially special category data. There are no reasonable alternative measures that could meet the legitimate aim. As the information is highly confidential and sensitive, it outweighs the legitimate interest in the information. Section 41 FOIA This information is also exempt under section 41 of the FOIA (information provided in confidence). This is because the requested information was provided to the NHSBSA in confidence by a third party - another individual, company, public authority or any other type of legal entity. In this instance, details have been provided by the claimants. For Section 41 to be engaged, the following criteria must be fulfilled:

A survey conducted in April and May 2023 among companies in the United States and the United Kingdom (UK) showed that ***** in ** organizations had designated an internal manager or owner to lead and implement data privacy measures. Additionally, almost ** percent conducted regular training of all staff on data privacy and compliance.

Distribution List

This is because it would breach the first data protection principle as: a) it is not fair to disclose claimant personal details to the world and is likely to cause damage or distress. b) these details are not of sufficient interest to the public to warrant an intrusion into the privacy of the claimant. Please click the below web link to see the exemption in full. https://www.legislation.gov.uk/ukpga/2000/36/section/40 Breach of Patient confidentiality Please note that the identification of claimants is also a breach of the common law duty of confidence. A claimant who has been identified could make a claim against the NHSBSA or yourself for the disclosure of the confidential information. The information requested is therefore being withheld as it falls under the exemption in section 41(1) ‘Information provided in confidence’ of the Freedom of Information Act. Please click the below web link to see the exemption in full.

Dataset Card for legislation-gov-uk-en-cy

  Dataset Summary

This dataset consists of English-Welsh sentence pairs obtained via scraping the www.legislation.gov.uk website. The total dataset is approximately 170 Mb in size.

  Supported Tasks and Leaderboards

translation text-classification summarization sentence-similarity

  Languages

English Welsh

  Dataset Structure





  Data Fields

source target

  Data Splits

train… See the full description on the dataset page: https://huggingface.co/datasets/techiaith/legislation-gov-uk_en-cy.