ICO Decision Notice: UKHSA FOI Breach

The Information Commissioner's Office (ICO) has issued a decision notice finding that the UK Health Security Agency (UKHSA) breached Section 10 of the Freedom of Information Act (FOIA) by failing to respond to a request within the statutory 20 working days. UKHSA is required to provide a substantive response.

ICO Orders Nottingham University Hospitals NHS Trust to Disclose Data

The UK's Information Commissioner's Office (ICO) has ordered Nottingham University Hospitals NHS Trust to disclose nurse and midwife referral data to the Nursing and Midwifery Council. The trust must comply within 30 days, or face potential contempt of court proceedings.

ICO Upholds FOI Complaint Against Chapel St Leonards Council

The UK's Information Commissioner's Office (ICO) has upheld a Freedom of Information (FOI) complaint against Chapel St Leonards Parish Council. The ICO ruled that the council wrongly cited section 14 of the FOIA (vexatious requests) and must now issue a fresh response to the complainant's request regarding a gardening contract.

ICO Decision Notice: Lambeth Council FOI Data Handling

The UK's Information Commissioner's Office (ICO) has upheld Freedom of Information (FOI) complaints against Lambeth Council for its handling of data requests. The Council is required to provide specific requested information in the format specified within 30 days.

Tools for Humanity GDPR Operations Update

The Spanish Data Protection Agency (AEPD) received an update from Tools for Humanity regarding their GDPR operations. The company is relaunching operations in Spain in February 2026 with a new rewards model and has consolidated its data controller role within the EU.

EDPB Reply to Civil Society on EU Spyware Abuse

The European Data Protection Board (EDPB) has issued a reply to a civil society open letter concerning recent spyware abuse cases within the EU. This notice addresses concerns raised by civil society regarding the implications of spyware on data protection and fundamental rights.

EIOPA Assesses EFRAG's Advice on Amended Sustainability Reporting Standards

EIOPA has published an opinion assessing the European Financial Reporting Advisory Group's (EFRAG) technical advice on amended European Sustainability Reporting Standards (ESRS). The opinion focuses on impacts to the (re)insurance and occupational pensions sectors, assessing data availability, consistency with EU legislation like Solvency II, and interoperability with international standards.

EIOPA Guidelines on Identifying Critical Insurance Functions

EIOPA has published final guidelines on identifying critical insurance functions, which if disrupted, could severely impact policyholders and financial stability. These guidelines are required under the IRRD and will inform resolution authorities in drafting resolution plans for identified insurers.

EIOPA Publishes IRRD Guidelines and Draft Technical Standards

The European Insurance and Occupational Pensions Authority (EIOPA) has published six new guidelines and draft technical standards for the Insurance Recovery and Resolution Directive (IRRD). These instruments provide practical implementation details for recovery and resolution frameworks for insurance undertakings, aiming to minimize the impact of failures on policyholders and financial stability.

ICO Response to MPs' Letter on Tattle Life

The UK's Information Commissioner's Office (ICO) has issued a response to a letter from MPs concerning the social media platform Tattle Life. The response clarifies the ICO's position and ongoing actions regarding data protection and online safety issues raised by the MPs.