DAERA Fish Kill Protocol Withheld - Internal Review Timeliness Breach
The ICO issued a decision finding that DAERA was entitled to withhold a fish kill protocol under EIR 12(5)(g) (environmental protection) and EIR 13 (personal data). However, the ICO found that DAERA breached EIR 11(4) by not completing its internal review within the required timeframe. No further steps were required.
Cabinet Office FOI Complaint Not Upheld - No Information Held
The Information Commissioner's Office investigated a Freedom of Information complaint against the Cabinet Office regarding a request for information about 'smashed gangs'. The Cabinet Office stated it did not hold information within scope of the request. The ICO upheld this position, finding no further steps required as the Cabinet Office's response complied with its obligations.
Met Police NCND Deceased Nazi, Security Exemption Upheld
The ICO issued a Decision Notice upholding the Metropolitan Police Service's refusal to confirm or deny holding information about a deceased Nazi sympathiser under FOIA section 23(5) (security bodies). The ICO found the MPS correctly applied the neither-confirm-nor-deny response, protecting sensitive national security and law enforcement information from disclosure.
Northamptonshire Police FOI Complaint Upheld - Fresh Response Ordered
The ICO issued a Decision Notice finding Northamptonshire Police partially non-compliant with Freedom of Information Act obligations. The police must issue a fresh response to Q5 of the complainant's request regarding Developed Vetting information, either confirming/denying whether information is held and disclosing it or issuing a compliant refusal notice under section 17. The ICO dismissed the challenge regarding Q4 where section 21 exemption was correctly applied.
Staffordshire Police FOI Request - Fresh Response Ordered
The ICO upheld a complaint against Staffordshire Police under the Freedom of Information Act 2000. The ICO found that the force failed to conduct adequate searches for information requested by a complainant who sought specific correspondence. The ICO has ordered Staffordshire Police to issue a fresh response following proper searches aimed at identifying all information within scope.
UK Export Finance EIR Commercial Interests Exemption Decision
The Information Commissioner's Office issued a Decision Notice in case IC-403066-Y4P3 regarding a complaint against UK Export Finance. The complainant requested information about project financing, and UK Export Finance withheld certain information citing regulation 12(5)(a) of the Environmental Information Regulations. The ICO determined that UK Export Finance correctly applied the commercial interests exemption, and no further action is required.
Cheltenham Borough Council - Information Not Held (EIR 12(4)(a))
The ICO issued a Decision Notice finding that Cheltenham Borough Council did not act incorrectly in refusing an Environmental Information Regulations request for details about a potential loan for the Minster Exchange development project. The Commissioner determined that on the balance of probabilities, the requested information is not held by the council, allowing it to rely on regulation 12(4)(a) to refuse the request.
Hackney Council EIR Procedural Breaches Decision
The ICO issued a Decision Notice against London Borough of Hackney Council finding breaches of the Environmental Information Regulations. The Council failed to issue proper refusal notices under regulation 14(2) and failed to conduct internal reviews under regulation 11(2) when handling a request about the Future Shoreditch Area Action Plan. While the Council's reliance on regulation 12(4)(b) to refuse the request was upheld as valid, procedural failures constitute regulatory breaches.
London Borough of Redbridge - Councillor Property FOIA Decision
The ICO issued a Decision Notice regarding a Freedom of Information complaint against the London Borough of Redbridge. The ICO upheld the council's refusal to disclose addresses of rental properties owned by a former councillor under section 44(1)(a) (statutory prohibition). However, the ICO determined the council incorrectly withheld related correspondence under section 40(2) (personal data), meaning that material must now be disclosed.
London Borough of Waltham Forest - FOIA Section 10 Breach
The ICO upheld a complaint against London Borough of Waltham Forest for failing to respond to a Freedom of Information request within the statutory 20-working-day timeframe, in breach of section 10 of FOIA. The authority must now provide a substantive response to the request and comply with its statutory obligations.
Carmarthenshire Council, EIR 5(2) breach, statutory response failure
Carmarthenshire Council, EIR 5(2) breach, statutory response failure
EIR Complaint Against Croydon Council Upheld
ICO has upheld a complaint under the Environmental Information Regulations against London Borough of Croydon. The Council failed to respond to an information request within the statutory 20 working day period. The ICO requires the Council to provide a response to the complainant within 30 calendar days of the decision.
Brent EIR Complaint Dismissed Over Bobby Moore Bridge
The Information Commissioner's Office dismissed a complaint against London Borough of Brent regarding an Environmental Information Regulations request. The complainant sought information about the awarding of an advertising contract concerning the Bobby Moore Bridge. The ICO found that the council was entitled to withhold the information under regulation 12(4)(e) (internal communications exception) and that the public interest favoured maintaining the exception. No further action is required from the council.
BBC FOI Request for Celebrity Salaries Not Upheld
The Information Commissioner's Office issued a decision notice finding in favour of the BBC regarding a Freedom of Information Act request for celebrity salaries from the 2025 series of The Celebrity Traitors. The ICO determined that any salary information held by the BBC would be exempt from disclosure as it was held for journalism, art, or literature purposes. The ICO upheld the BBC's position and requires no remedial action.
Department for the Economy - EIR 14 Procedural Breach Finding
The ICO issued a Decision Notice finding that the Department for the Economy breached regulation 14(3) of the Environmental Information Regulations by failing to specify the exception(s) applied in its initial refusal notice. The Department was entitled to withhold commercial interests information under EIR 12(5)(e). No remedial steps are required.
HMT Labour Together FOIA Request Not Upheld
The ICO issued a decision notice finding that HM Treasury (HMT) did not violate FOIA by stating it does not hold information about meetings between HMT officials and Labour Together. However, the ICO found that HMT breached section 10(1) of FOIA by failing to respond to the request within the statutory 20 working days, as clarification was not sought until 16 January 2025 for a request made on 7 November 2024. The ICO requires no remedial steps to be taken.
FOI complaint - Council breached section 17
The ICO issued a Decision Notice against Blackburn with Darwen Borough Council finding a breach of FOIA section 17 for failing to issue a timely refusal notice within 20 working days. The council was entitled to withhold information under section 40(2) but failed proper procedure. No further steps required.
Cheshire East Council, procurement bids withheld, FOI 43(2) not upheld
Cheshire East Council, procurement bids withheld, FOI 43(2) not upheld
DROP Audits Preliminary Comment Period - Data Broker Regulations
The California Privacy Protection Agency (CPPA) announced preliminary rulemaking activities regarding Delete Request and Opt-out Platform (DROP) audits for data brokers under CalPrivacy. The agency is accepting preliminary written comments through May 7, 2026 at 5:00 PM PT to inform potential future regulations. Comments received are public records and may be included in future rulemaking packages.
CFM Resolution 2.454/2026 AI Governance Standards for Brazilian Medicine
CFM 2.454/2026 establishes AI governance for Brazil healthcare
Chile's LPDP Impacts Mergers and Acquisitions Analysis
Deloitte Legal analyzed Chile's Ley 21.719 on Personal Data Protection (LPDP), effective Dec. 1, 2026, and its implications for M&A transactions. The LPDP introduces maximum fines of 20,000 UTM (approximately USD 1.6 million) and establishes the Personal Data Protection Agency with investigative and corrective powers. The analysis draws parallels to GDPR's structural impact on European capital markets, noting that inadequate data handling in target companies can reduce acquisition prices by hundreds of millions of dollars.
Buenos Aires Decree 97/26 Promotes AI in Public Sector
Marval, O'Farrell & Mairal analyzed Buenos Aires Decree 97/26, which promotes AI adoption across the public sector of the Ciudad Autónoma de Buenos Aires. The decree positions AI as a strategic tool for administrative efficiency, public service delivery, and digital transformation, citing existing implementations in education including teacher training programs and student access initiatives.
CNPD Attends IAPP Global Summit 2026 Washington DC
The Luxembourg data protection authority (CNPD) announced its participation in the IAPP Global Summit 2026 held in Washington, DC from March 30 to April 2, 2026. CNPD President Tine A. Larsen represented Luxembourg at the gathering, which convened 42 data protection authorities, US privacy officials, federal representatives, Congressional members, and FTC commissioners. The summit addressed data protection priorities, the US legislative agenda, and international cooperation frameworks.