Each month, Handley Gill creates ‘On Hand’, our monthly digital newsletter, which is updated with the latest developments throughout the month. While the newsletter is intended to be in a readily digestible digital format, those who prefer the traditional newsletter format can export the newsletter to pdf, which is searchable. The March 2025 edition of On Hand can be accessed here:

Updates in March 2025 to be aware of included:

• Luxembourg court confirms €746m fine against Amazon;

• Third Draft of the General-Purpose AI Code of Practice published under EU AI Act, together with updated EU AI model contractual clauses for public sector procurement;

• ICO fines data processor Advanced Computer Software Group Ltd £3.07m over subsidiary's security failings leading to ransomware data breach of client data;

• Ofcom fines The Word Network operator £150,000 over Broadcasting Code Rules 2.1, 4.6 & 9.4 breaches in religious programmes;

• EU Commissioner for Democracy, Justice, the Rule of Law & Consumer Protection confirms proposals to simplify GDPR for SMEs;

• Chinese authorities jointly issue rules on labelling of AI generated synthetic content; 

• Court of Protection gives ruling detailing basis for hearings to be heard in private and justification for no published judgment;

• FTC writes to 23andMe Trustee in bankruptcy highlighting expectation that privacy policies will be complied with;

• SRA justifies decision not to take action over alleged SLAPP threatened by late Yevgeny Prigozhin in letter to Baroness Stowell;

• 5Rights Foundation publishes voluntary Children & AI Design Code for developers and deployers of AI systems;

• Deadline for carrying out illegal content risk assessment/illegal harms content assessment under Online Safety Act 2023 passes, leading to Ofcom launching enforcement programmes;

• European Commission proposes 6 month extensions to UK adequacy under GDPR & Law Enforcement Directive to 27.12.25;

• Application for permission to appeal to Supreme Court in Higgs v Farmor’s School Facebook post dismissal discrimination claim;

• EDPB and supervisory authorities launch co-ordinated enforcement action on Article 17 GDPR right to erasure;

• CMA publishes update on forthcoming guidance on new direct enforcement powers applicable from 06.04.2025;

• China adopts standardised safety measures for facial recognition technology, effective 01 June 2025;

• FCA abandons regulated firm investigation transparency proposal to shift from exceptional circumstances to public interest test;

• Ofcom fines OnlyFans operator £1.05m for failing to comply with information requests under s368Z10 Communications Act 2003; 

• French competition authority finds Apple abused dominant position over implementation of App Tracking Transparency measures;

• UK government lays 8 new and updated draft codes of practice under Investigatory Powers Act before Parliament;

• Advocate General opines that Member States can't impose name & address precursor to Aarhus environmental requests

These and others are included in On Hand March 2025 

The April 2025 edition of On Hand is now in progress, so continue to check back throughout and at the end of the month to keep up to date on the latest developments in data protection, cyber security, content regulation, AI, reputation management, open justice, access to information, digital markets regulation and human rights & ESG.

We’ve already seen the government publish its policy statement in the forthcoming Cybersecurity and Resilience Bill and the CJEU hearing the challenge to the EU-US Data Privacy Framework.

You can access this and previous editions of On Hand via the ‘Knowledge and Insights’ tab.