Inforrm covered a wide range of data protection and privacy cases in 2025. Following our posts in 2018, 2019, 2020, 2021 , 2022 and 2023 here is our selection of notable privacy and data protection cases from England and Wales, the ECtHR, the CJEU, Australia and Canada in 2025. Continue reading
The International Forum for Responsible Media Blog
Category: Data Protection (Page 1 of 38)
The Information Commissioner’s Office (ICO)’s data protection complaint handling performance is currently in very clear crisis. Despite its pledge to assess and respond to 80% of such complaints within 90 days, the percentage of cases where such an outcome has not been achieved has ballooned from 15.2% in 2023/ 24 to 70% in 2024/25 (a 360% increase). Continue reading
On 17 August 2023 the Ministry of Defence (MoD) put the Information Commissioner’s Office (ICO) on broad notice about the devastating failure of data protection that is now generally known as the Afghan data breach (although sadly there have been many others). Continue reading
The Information Commissioner’s Office (ICO) Annual Report for 2024/25 released last week sadly provides evidence of a severe and serious weakening of information rights regulation compared to the strong enforcement which is (and remains) promised especially under the (UK) General Data Protection Regulation (GDPR). Continue reading
The UK Information Commissioner’s Office (ICO) has some history of failing to learn the lessons from its past information governance mistakes, even seeking to present these as a testament to success. For example, its publicity video for its 40th anniversary released earlier this year stated that the 2012 Leveson Inquiry, which followed the phone hacking scandal, showed it “stand[ing] up during scandals” and thereby demonstrated a track record of “being there when you need us most”. Continue reading
Last week, Meta – the parent company of Facebook, Instagram, Threads and WhatsApp – unveiled a new “personal artificial intelligence (AI)”. Powered by the Llama 4 language model, Meta AI is designed to assist, chat and engage in natural conversation. With its polished interface and fluid interactions, Meta AI might seem like just another entrant in the race to build smarter digital assistants. Continue reading
Section 179 of the Data Protection Act (DPA) 2018 places the Secretary of State under a duty to ensure that a Report is “la[id] before Parliament” on both the “use” and “effectiveness” of “relevant alternative dispute resolution procedures” in cases involving actual or alleged failures by media organisations, other than broadcasters, “to comply with the data protection legislation”. Continue reading
This year, 2024 was billed to be the year of the first ‘robust and comprehensive’ UK statutory review of the extent of journalism’s compliance with data protection law and good practice, a formal appraisal which was (and is) meant to become a clear ‘part of the media landscape’ as reformed by the Data Protection Act (DPA) 2018 in the wake of the general/first part of the Leveson Inquiry. Continue reading
This blog explores figures from the Information Commissioner’s Office (ICO) on its privacy and data protection enforcement in 2023-24 which not only remain concerningly low but are also troublingly inconsistent. Continue reading
On 3 July 2024 HHJ Parkes KC handed down judgment on a strike out application in Pacini & Anor v Dow Jones & Co Inc [2024] EWHC 1709 (KB). The case will be of interest to anyone thinking about the complex relationship between defamation, privacy and data protection in English law. Continue reading
Recent Judgments
© 2026 Inforrm's Blog
Theme by Anders Norén — Up ↑