News

Privacy and data protection

• October 15, 2025 15 Oct'25

  ICO fines Capita £14m after ransomware caused major data breach

  Outsourcing giant hit with £14m fine over 2023 cyber attack, but costs could rise as legal actions continue

• October 13, 2025 13 Oct'25

  Court dismisses Apple’s appeal against Home Office backdoor

  Investigatory Powers Tribunal rules that Apple’s appeal against a Home Office order to access encrypted data of Apple users world wide will no longer proceed.

• October 13, 2025 13 Oct'25

  Thales: Trust in AI for critical systems needs to be engineered

  Confidence in artificial intelligence capabilities that power critical systems must go beyond words and be built on a hybrid model that combines data with physics and logic to prove reliability, according to Thales’s chief scientist

• October 09, 2025 09 Oct'25

  Chat Control encryption plans delayed after EU states fail to agree

  Plans to require technology companies across Europe to monitor the contents of encrypted messages and emails have been delayed after European Union member states were unable to reach agreement following German objections

• October 08, 2025 08 Oct'25

  Teens arrested over Kido nursery hack

  London’s Met Police arrested two teenage boys in Hertfordshire on suspicion of involvement in the recent Kido nursery hack that saw the personal data of infants stolen and leaked

• October 07, 2025 07 Oct'25

  Nato chooses Oracle to secure battlefield communications

  Nato has chosen Oracle and Druid to secure private 5G networks for cyber defence, war gaming and research, using Oracle Cloud and edge technology

• October 06, 2025 06 Oct'25

  Police ordered to give reasons in closed court for seizing phone of UK Hamas lawyer

  London court orders police to disclose reasons for seizing and copying the contents of a phone belonging to a UK lawyer who represented Hamas, but refuses an injunction to prevent police from reviewing the phone until after judicial review

• October 06, 2025 06 Oct'25

  Data sovereignty demand pushes Herabit to get S3 storage

  Italian service provider gets Cubbit DS3 distributed S3 storage to provide up to 2PB of cloud services to customers demanding data sovereignty, while cutting costs by up to 50%

• October 06, 2025 06 Oct'25

  UK government to consult on police live facial recognition use

  The UK’s policing minister has confirmed the government will consult on the use of live facial recognition by law enforcement before expanding its use throughout England, but so far, the technology has been deployed with minimal public debate or ...

• October 02, 2025 02 Oct'25

  PSNI appoints legal counsel to report on police conduct after McCullough surveillance review

  The Police Service of Northern Ireland has commissioned a senior lawyer to report back on whether there was any misconduct by police officers following the McCullough Review into the surveillance of journalists, lawyers and NGOs

• October 01, 2025 01 Oct'25

  Home Office issues new ‘backdoor’ order over Apple encryption

  A second Home Office technical capability notice requires Apple to provide access to encrypted data and messages of British users stored on its iCloud service

• October 01, 2025 01 Oct'25

  EU Chat Control plans pose ‘existential catastrophic risk’ to encryption, says Signal

  As EU member states prepare to vote on plans to mandate tech companies to introduce technology to scan messages before they are encrypted, Signal warns that Chat Control will create new security risks

• September 30, 2025 30 Sep'25

  Cloud provider publishes ‘tech sovereignty’ plan for UK

  In the face of mounting data sovereignty concerns across Europe, UK cloud provider Civo lays out high-level plan for how the government can retain control and access of its data should the geopolitical situation sour

• September 30, 2025 30 Sep'25

  Google unveils AI-powered security to trap ransomware attacks

  The new security capability, available at no extra cost for most Google Workspace users, detects mass file encryption during ransomware attacks, stops the attacks from spreading and allows for restoration of files

• September 26, 2025 26 Sep'25

  Keir Starmer launches digital ID scheme, but does it stand a chance?

  Amid an economic crisis, public scepticism and confusing messages, could the government’s digital identity programme fail before it even gets off the ground?

• September 26, 2025 26 Sep'25

  Over half of India-based companies suffer security breaches

  Business supply chains, which include Indian companies, are at risk of attack as more than half of suppliers were breached last year

• September 26, 2025 26 Sep'25

  Microsoft hides key data flow information in plain sight

  Microsoft’s own documentation confirms that data hosted in its hyperscale cloud architecture routinely traverses the globe, but the tech giant is actively obfuscating this vital information from its UK law enforcement customers

• September 25, 2025 25 Sep'25

  Netherlands establishes cyber resilience network to strengthen public-private digital defence

  Network will connect organisations in a cyber crime defence initiative that goes way beyond information sharing

• September 24, 2025 24 Sep'25

  McCullough Review finds PSNI failures but no ‘systemic’ surveillance of journalists

  A review by Angus McCullough KC reveals that Northern Ireland police failed to comply with the law but that there was no ‘widespread and systemic’ surveillance of journalists, lawyers and NGOs

• September 22, 2025 22 Sep'25

  PSNI chief sorry over failure to delete data unlawfully seized from journalists

  Police Service of Northern Ireland apologises for failing to destroy data that was unlawfully seized from journalists, despite a court agreement, and to the Investigatory Powers Tribunal for failing to disclose key information to the court

• September 19, 2025 19 Sep'25

  French court ruling may lead to legal challenges over state Sky ECC and EncroChat phone hack

  A decision by the French supreme court may pave the way for defendants to challenge the lawfulness of France’s hacking of the EncroChat and Sky ECC cryptophone networks used by organised crime groups

• September 17, 2025 17 Sep'25

  Firms urged to adopt risk-based data sovereignty strategy

  Geopolitical uncertainty is forcing organisations to rethink where their data is located, but a full retreat from the public cloud is not the answer

• September 17, 2025 17 Sep'25

  Hamas lawyer challenges police after they seized legal files from phone in Schedule 7 stop

  A UK solicitor hired by Hamas to challenge its proscription in the UK as a terrorist organisation argues police acted unlawfully by seizing a phone containing confidential legally privileged material about his clients

• September 17, 2025 17 Sep'25

  Google Cloud unveils open protocol for agentic payments

  Google’s Agent Payments Protocol is an open standard developed with more than 60 global partners to create a secure standard for AI-driven transactions

• September 16, 2025 16 Sep'25

  Exabeam: Treat AI agents as the new insider threat

  As artificial intelligence agents are given more power inside organisations, Exabeam’s chief AI officer, Steve Wilson, argues they must be monitored for rogue behaviour just like their human counterparts

• September 16, 2025 16 Sep'25

  Forrester Technology & Innovation Summit preview: Preparing for emerging tech

  We speak to Forrester about how IT decision-makers should prepare for emerging technologies that have a short, mid or long-term ROI

• September 15, 2025 15 Sep'25

  Amnesty: AI surveillance risks ‘supercharging’ US deportations

  Amnesty International says AI-driven platforms from Palantir and Babel Street are being used by US authorities to track migrants and revoke visas, raising fears of unlawful detentions and mass deportations

• September 15, 2025 15 Sep'25

  Arqit to support NCSC’s post-quantum cryptography pilot

  Quantum specialist Arqit will provide specialised post-quantum migration planning services to organisations preparing to address the imminent risks to traditional cryptography

• September 15, 2025 15 Sep'25

  Forrester Technology & Innovation Summit preview: Digital sovereignty in the public cloud

  We look at how IT leaders need to balance data access, data residency and data sovereignty

• September 15, 2025 15 Sep'25

  MI5 unlawfully monitored the phone of BBC journalist Vincent Kearney

  The Investigatory Powers Tribunal heard today that the security service has conceded that it unlawfully monitored the phone data of former BBC Spotlight reporter Vincent Kearney

• September 12, 2025 12 Sep'25

  EU Data Act comes into force amid fears of regulation fatigue

  The EU Data Act will potentially give users control of device data, and boost data sharing, cloud switching and competition while raising compliance demands

• September 11, 2025 11 Sep'25

  Students an increasing source of cyber threat in UK schools

  Insider threats arising from student activity now appears to be the chief cause of notifiable cyber or data breach incidents in Britain’s schools

• September 11, 2025 11 Sep'25

  Chat Control: EU to decide on requirement for tech firms to scan encrypted messages

  Law enforcement and police experts meet on Friday to decide on proposals to require technology companies to scan encrypted messages for possible child abuse images amid growing opposition from security experts

• September 10, 2025 10 Sep'25

  Jaguar Land Rover admits data has been compromised in cyber attack

  The car maker revealed that data was stolen in the cyber attack that began on 31 August, as its production line continues to be affected

• September 10, 2025 10 Sep'25

  UK contactless card payment limits could be unlimited

  The UK Financial Conduct Authority says contactless payment technology and fraud protections have advanced enough for firms to adjust the limit

• September 09, 2025 09 Sep'25

  Splunk.conf: Splunk urges users to eat their ‘cyber veggies’

  The dawn of AI-enabled cyber attacks makes it even more important for defenders to bring their A-game, particularly when it comes to getting the basics right

• September 08, 2025 08 Sep'25

  Splunk.conf: Splunk and Cisco showcase unified platform

  With 18 months having elapsed since Cisco closed its acquisition of Splunk, joint platform capabilities and developments are being showcased at the annual Splunk.conf fair

• September 08, 2025 08 Sep'25

  Northern Ireland police kept inspectors in dark over surveillance of journalists

  The Police Service of Northern Ireland failed to inform the Investigatory Powers Commissioner’s Office about surveillance operations against journalists during annual inspections

• September 03, 2025 03 Sep'25

  European court upholds EU-US Data Privacy Framework data-sharing agreement

  EU General Court upholds EU-US Data Privacy Framework, bringing certainty to businesses that exchange data with the US – for now. An appeal may be in the offing

• September 02, 2025 02 Sep'25

  OpenAI targets India with datacentre push

  The AI firm is planning to open a one-gigawatt datacentre in India, which could reduce latency, ensure regulatory compliance and give it an edge over hyperscalers

• September 02, 2025 02 Sep'25

  JFrog extends DevSecOps playbook to AI governance

  The software security specialist is leveraging its capabilities in DevSecOps to address security, data provenance and bias in AI models

• August 29, 2025 29 Aug'25

  ICO publishes summary of police facial recognition audit

  The UK data regulator has released a summary of its facial recognition audit of two police forces

• August 29, 2025 29 Aug'25

  Home Office ‘backdoor’ seeks worldwide access to Apple iCloud users’ data, court documents confirm

  A court filing states that a government order against Apple would give it the capability to access communications and metadata of customers using the iCloud service anywhere in the world

• August 28, 2025 28 Aug'25

  Microsoft refuses to divulge data flows to Police Scotland

  Tech giant Microsoft is declining to share key information with Police Scotland about where the sensitive data it uploads to Office 365 will be processed, leaving the force unable to comply with UK-wide data protection laws

• August 26, 2025 26 Aug'25

  Okta makes AI identity play with Axiom acquisition

  Okta says Axiom Security’s technology will reinforce its own offerings in privileged access management, especially when it comes to the growing number of non-human identities

• August 25, 2025 25 Aug'25

  How to secure the identity perimeter and prepare for AI agents

  Ping Identity CEO Andre Durand explains why identity has become the critical security battleground, how decentralised credentials will reduce data breach risks, and why AI agents will need their own identities to be trusted

• August 25, 2025 25 Aug'25

  Ransomware attack volumes up nearly three times on 2024

  During the first six months of 2025, the number of observed and tracked ransomware attacks far outpaced the volume seen in 2024

• August 21, 2025 21 Aug'25

  Scale of MoD Afghan data breaches widens dramatically

  Many more data breaches at the MoD's Arap programme to relocate at-risk Afghan citizens to Britain have emerged following an FoI request by BBC journalists

• August 21, 2025 21 Aug'25

  Apple iOS update fixes new iPhone zero-day flaw

  Latest Apple zero-day found in the ImageIO framework opens the door for targeted zero-click attacks on iPhone users

• August 21, 2025 21 Aug'25

  UK equality watchdog: Met Police facial recognition unlawful

  The UK’s equality watchdog has been granted permission to intervene in a judicial review of the Met Police’s live facial-recognition (LFR) technology use, which it claims is being deployed unlawfully