Despite school half-term holidays, the end of the Easter court term and a much needed extra Bank Holiday, May has brought no relief for cyber security and data protection practitioners, with developments in data protection, cyber security, content regulation, AI and reputation management continuing apace. At least we can read On Hand in the sunshine.

Developments in May included:

• Largest ever fine under GDPR issued by Irish Data Protection Commissioner against Meta Platforms Ireland Limited, together with order to cease personal data transfers

• European Parliament Committees adopt draft negotiating mandate on the first ever rules for Artificial Intelligence 

• Twitter - a VLOP under the EU Digital Services Act - pulls out of voluntary Code of Practice against disinformation

• Call by the National Cyber Security Centre and Information Commissioner for greater transparency around cyber attacks

• Increased ransomware activity in Q3 and 4 2022 and into 2023

• Data Protection and Digital Information (No.2) Bill Committee begins scrutiny

• Government delays sunset on the majority of retained EU legislation, saving data protection legislative framework

• Sun publisher's summary judgment application over claims of unlawful information gathering against Hugh Grant dismissed, relief granted on phone hacking

• GDPR marks 5 years of being in effect across the EEA

• European Parliament adopts LIBE Committee resolution rejecting potential Commission adequacy decision in respect of US

• Major Meta shareholder's fund manager calls for human rights impact assessment of targeted advertising & child safety report

• Journalist Carole Cadwalladr ordered to pay 60% of Arron Banks’ original defamation trial costs & to refund costs he paid her, with £400,000 to be paid on account, after Court of Appeal ruling

• EDPB adopts final version of guidelines on law enforcement use of facial recognition technology

• G7 leaders call for AI 'guardrails'

• The Cyberspace Administration of China releases guidelines on standard contracts for personal data exports

• FTC Order to Show Cause seeks prohibition on Meta profiting from child users' data over alleged 2020 privacy order breach

• Ofcom finds GB News' Mark Steyn programme in breach of Broadcasting Code over guest's "pre-Nazi Germany" COVID-19 remark

• Ministry of Justice issues call for evidence, consulting on on open justice in England and Wales until 07 September 2023

• Ofcom publishes market research consultancy report 'Mitigating illegal harms: a snapshot'

• Leaked EU lawyers’ advice warns Child Sexual Abuse Regulation requiring scanning of private messages risks being annulled

• Lords Communications & Digital Committee issues call for evidence on the Digital Markets, Competition and Consumers Bill, which has second reading in Parliament

• BBC secures right to name Conservative Party donor embroiled in NCA money laundering investigation

• Chris Packham secures £90,000 damages against author & editor of dishonesty allegations published on Country Squire Magazine website

Each month, Handley Gill creates ‘On Hand’, our monthly digital newsletter, which is updated with the latest developments throughout the month. While the newsletter is intended to be in a readily digestible digital format, those who prefer the traditional newsletter format can export the newsletter to pdf. The May 2023 edition of On Hand can be accessed here:

We will now open the June 2023 edition of On Hand, so continue to check back throughout and at the end of the month to keep up to date on the latest developments in data protection, cyber security, content regulation, AI, reputation management, open justice, access to information and digital markets regulation.