IT legislation and regulation
Understanding the law as it applies to IT management can be one of the hardest task for IT leaders, but the growing burden of regulatory compliance makes it essential. Legislation and regulation affects enterprise IT in many ways, not just in long-standing tasks such as contracts and software licensing. We examine the latest legal development and how they affect IT managers, and talk to the experts in IT legislation and regulation to explain what it means to your organisation.
-
News
20 Nov 2024
ORG urges ICO to revise public sector enforcement approach
The Open Rights Group is urging the Information Commissioner’s Office to revise its light touch approach to public sector data protection issues, arguing that its experimental policy of limiting its enforcement actions to reprimands and notices, rather issuing fines, is allowing bad practices to continue largely unabated Continue Reading
-
News
20 Nov 2024
Government issues strategic priorities for online safety regulator Ofcom
Technology secretary Peter Kyle sets out the government’s strategic priorities for how Ofcom should approach regulating online safety, including embedding safety by design and supporting innovation in technologies to help protect people online Continue Reading
-
News
21 Feb 2024
Assange created a ‘grave and immediate risk’, says US government, as it seeks extradition
Lawyers for the US government hit back at claims that extraditing WikiLeaks founder Julian Assange is politically motivated Continue Reading
-
News
20 Feb 2024
LockBit locked out: Cyber community reacts
Reaction to the takedown of the LockBit ransomware gang is enthusiastic, but tempered with the knowledge that cyber criminals are often remarkably resilient Continue Reading
-
News
20 Feb 2024
US extradition of Julian Assange is ‘state retaliation’ for exposing war crimes, court hears
Lawyers argue that the US extradition case against WikiLeaks founder Julian Assange is politically motivated and in is breach of the UK-US extradition treaty Continue Reading
-
News
20 Feb 2024
LockBit gang members arrested in Poland and Ukraine
The UK’s National Crime Agency and its global partners have shared more details on their audacious takedown of the LockBit ransomware operation, including news of two arrests Continue Reading
-
News
20 Feb 2024
Government agrees law to protect confidential journalistic material from state hacking
The government will update Investigatory Powers Act to require secret intelligence agencies to seek independent approval before accessing confidential journalistic material obtained by bulk hacking, but journalists remain vulnerable to other bulk surveillance powers Continue Reading
-
News
19 Feb 2024
Cops take down LockBit ransomware gang
The notorious LockBit ransomware crew has been disrupted in an international law enforcement sting led by the UK's National Crime Agency Continue Reading
-
Opinion
15 Feb 2024
Bouncing back from a cyber attack
Organisations need to move away from victim blaming when cyber attacks on OT systems occur and focus on fostering collaboration between teams to minimise downtime, among other efforts to bounce back and return to business Continue Reading
-
News
15 Feb 2024
Security-by-design push prompts new ISC2 accreditations
Security-by-design has become a hot-button regulatory issue. ISC2 has decided now is the time to upskill cyber pros around these vital software and hardware development principles Continue Reading
-
News
14 Feb 2024
Dutch Supreme Court approves use of EncroChat evidence
Defence lawyers plan appeal to European Court of Human Rights after Supreme Court upholds a conviction based on intercepted messages from the EncroChat encrypted phone network Continue Reading
-
News
14 Feb 2024
Met Police to scrap and replace ‘racist’ Gangs Violence Matrix
A database used by the Metropolitan Police to identify and track people linked with gang violence is being decommissioned and replaced. The decision follows a long-running controversy over its discriminatory impacts on young black people, but campaigners warn that racial discrimination will persist with new tool Continue Reading
-
Podcast
14 Feb 2024
Podcast: What is the impact of AI on storage and compliance?
Start now looking at artificial intelligence compliance. That’s the advice of Mathieu Gorge of Vigitrust, who says AI governance is still immature but firms should recognise the limits and still act Continue Reading
-
News
14 Feb 2024
Security experts: Investigatory powers plans will delay security updates
Cyber security experts warn that government proposals to amend the Investigatory Powers Act will limit tech companies’ ability to respond to security threats and could hamper the use of end-to-end encryption Continue Reading
-
News
14 Feb 2024
Post Office CEO refused to meet government minister without her lawyer after 2015 Horizon report
Post Office statements on the Horizon system, whether to journalists or the government, were routinely carefully crafted by lawyers Continue Reading
-
News
13 Feb 2024
What will result from Cohesity’s Veritas acquisition?
The $7bn backup giant will leverage huge assets in enterprise customer base, compliance and governance intelligence, AI, R&D, and Kubernetes backup and storage Continue Reading
-
Opinion
12 Feb 2024
Executives must face down state-sponsored hacking groups targeting firmware
State-backed groups have ratcheted up the pressure for cyber security professionals and executives. But that’s not an excuse to cede them the territory. Continue Reading
-
News
09 Feb 2024
Amazon defends facial-recognition tech sale to FBI despite moratorium
The FBI has confirmed it is using Amazon’s Rekognition image and video analysis software, but Amazon says it is ‘false’ to suggest this violates the company’s self-imposed moratorium on selling facial-recognition technology to US police Continue Reading
-
News
07 Feb 2024
NCSC warns CNI operators over ‘living-off-the-land’ attacks
Malicious, state-backed actors may well be lurking in the UK’s most critical networks right now, and their operators may not even know until it is too late, warn the NCSC and its partners Continue Reading
-
News
07 Feb 2024
Dozens of surveillance companies are supplying spyware to governments, says Google
Google’s Threat Analysis Group has identified 40 companies involved in selling and supplying security exploits and spyware services to governments Continue Reading
-
News
07 Feb 2024
Government reaffirms commitment to hold off on AI laws
The UK government reaffirming its commitment hold off on artificial intelligence legislation has been received positively by industry for balancing innovation and safety Continue Reading
-
News
07 Feb 2024
How Iranian cyber ops pivoted to target Israel after 7 October attacks
Microsoft has shared new intelligence on how Iranian government-aligned threat actors have turned their fire on Israel over the past four months Continue Reading
-
News
07 Feb 2024
South Staffs Water faces group action over Clop ransomware attack
South Staffordshire Plc, the parent company of South Staffordshire and Cambridge Water, is facing legal action from customers whose data was compromised in a 2022 Clop ransomware attack Continue Reading
-
News
06 Feb 2024
UK’s McPartland Cyber Review to probe trust in technology
The UK government has launched a cyber security review that will investigate how best to give businesses the confidence they need to use new technologies Continue Reading
-
News
06 Feb 2024
UK government responds to AI whitepaper consultation
The UK government is considering introducing binding legal requirements for companies developing the most powerful AI systems, and has outlined a range of funding to realise the ambitions of its ‘pro-innovation’ framework for artificial intelligence Continue Reading
-
News
06 Feb 2024
Inquiry to explore cyber risk to Sunak-Starmer showdown
The UK’s Joint Committee on National Security Strategy is opening an inquiry into securing the democratic process ahead of the next general election Continue Reading
-
Opinion
06 Feb 2024
Three predictions for responding to the cyber threat landscape in 2024
Nominet's Kim Wiles looks to the coming months and calls for cooperation and collaboration on tackling cyber security threats Continue Reading
-
News
05 Feb 2024
Blackbaud blasted for failing to prevent customer breaches
A supply chain attack at software supplier Blackbaud in 2020 saw data on multiple UK organisations compromised. The US authorities are now taking steps to ensure it can’t happen again Continue Reading
-
News
05 Feb 2024
US sanctions Iranians behind CNI cyber attacks
US government issues new sanctions against six Iranians suspected of being behind a series of cyber attacks targeting critical national infrastructure, notably water supply systems Continue Reading
-
Feature
02 Feb 2024
UK police facial recognition explained: What you need to know
In this essential guide, Computer Weekly looks at the use of facial recognition technology by UK police forces, including the points of contention around its deployment so far and where it’s heading next Continue Reading
-
News
01 Feb 2024
AI: House of Lords focuses on copyright and transparency
Large language models promise to boost UK productivity, but the tech needs greater scrutiny and questions remain over intellectual property Continue Reading
-
Opinion
31 Jan 2024
AI everywhere all at once
Artificial intelligence became mainstream in 2023. Advances in technology and accessibility led to increased awareness and use of AI Continue Reading
-
News
30 Jan 2024
We need backup! Pennsylvania police data loss shows why
Police evidence systems data was lost during ‘routine maintenance’, with human error blamed – the case clearly illustrates why data protection can’t be left to chance Continue Reading
-
E-Zine
30 Jan 2024
Tech companies warn EU over encryption plans
In this week’s Computer Weekly, tech companies are calling on the European Commission to rethink plans to weaken internet encryption – we explore the issues. We talk to credit rating agency Moody’s about why it thinks now is the time to start investing in quantum computing. And we examine how a different approach to recruitment could ease the datacentre sector skills gap. Read the issue now. Continue Reading
-
News
29 Jan 2024
Lords question legality of police facial recognition
Lords committee ‘deeply concerned’ about the rapid expansion of live facial recognition by UK police, which it says is progressing without any real oversight or accountability Continue Reading
-
News
26 Jan 2024
GenAI tools ‘could not exist’ if firms are made to pay copyright
AI firm Anthropic hits out at copyright lawsuit filed by music publishers, claiming the content ingested into its models falls under ‘fair use’ and that any licensing regime would be too complex and costly Continue Reading
-
Opinion
26 Jan 2024
Quantum, AI and geopolitical conflict: '24 will be a big year for cyber
With big trends like quantum, generative AI and geopolitical conflict, 2024 looks set to be a big year in security, but defenders have an unparalleled opportunity to harness these trends for good, says Quorum's Federico Charosky Continue Reading
-
News
26 Jan 2024
UK government consults on age verification tech in alcohol sales
The government has said it wants to allow the use of digital identities and various age-verification technologies in alcohol sales Continue Reading
-
Opinion
26 Jan 2024
Security Think Tank: What to expect in cyber this year
Risk arising from insecure generative AI, an explosion in mainstream acceptance of zero-trust, and increasingly tight cyber insurance policies will all be high on the agenda in 2024, writes Forrester senior analyst Alla Valente Continue Reading
-
News
26 Jan 2024
Expert IT witness outsmarted an ‘aggressive’ Post Office to get to truth after inspection ‘madness’
The Post Office’s attempts to protect the Horizon system are well known, in light of the public inquiry and a recent TV drama, but Computer Weekly can reveal how an IT expert was treated during his investigation of Horizon Continue Reading
-
Opinion
26 Jan 2024
Bulk sender authentication: More vital than ever
With new guidelines from Google and Yahoo governing bulk emails coming into force in February 2024, here's what you need to know to keep your sales and marketing lists compliant Continue Reading
-
Opinion
25 Jan 2024
The race to regulate AI: 2024 unpacked
EU’s AI Act is set to become ‘gold standard’ of AI regulation. Will other countries adopt the same high standards or like the UK opt for a light touch in favour of growth and investment? Continue Reading
-
Opinion
25 Jan 2024
IT Sustainability Think Tank: Why 2024 should be less about predicting and more about acting
With 2023 now behind us, it is time to look ahead at what enterprise leaders should be focusing their IT sustainability efforts on during the year ahead Continue Reading
-
Opinion
25 Jan 2024
Security Think Tank: 2024 is the year we bridge the cyber divide
ISACA's Steven Sim Kok Leong shares his thoughts on the coming year in cyber security, considering the impact of regulatory change, the evolving role of the CISO, and advances in innovative cyber tech Continue Reading
-
Feature
23 Jan 2024
Expert guide to e-discovery
An expert guide to why your organisation needs an electronic discovery policy and how to go about creating one Continue Reading
-
News
23 Jan 2024
Treat cyber risk like financial or legal issue, says UK government
UK government and NCSC launch proposed code of practice on cyber security governance to help directors and business leaders toughen their defences Continue Reading
-
News
23 Jan 2024
Leak of 26 billion records may prove to be ‘mother of all breaches’
The discovery of a dataset comprising 26 billion stolen records may prove to be record-breaking in both its size and the danger it poses to ordinary people Continue Reading
-
News
23 Jan 2024
SEC bitcoin hack was result of SIM-swapping
A cyber attack on the US financial regulator earlier in January 2024 occurred after hackers took over one of its mobile phone accounts in a so-called SIM-swapping attack Continue Reading
-
News
22 Jan 2024
Openreach accelerates digital network roll-out
Added vigour to UK’s largest broadband provider’s digital network transformation play, with latest tranche of exchanges across furthest reaches of UK now able to offer digital comms based on full-fibre networks Continue Reading
-
News
22 Jan 2024
Urgent question asks which ministers knew of Post Office’s shocking plan to remove judge
Labour peer uses urgent question to uncover who, if anyone, in government was aware of the Post Office’s attempts to remove judge as it became clear it was losing Continue Reading
-
News
19 Jan 2024
ICO prompts confusion over police cloud legality
The UK data regulator has suggested that, despite major data protection concerns, it is likely to greenlight police cloud deployments because of an information-sharing agreement with the US government Continue Reading
-
News
19 Jan 2024
MPs flag similarities between HMRC's treatment of Loan Charge contractors and Post Office scandal
The fallout from HMRC's controversial disguised remuneration clampdown, the Loan Charge policy, has been likened to the Post Office Horizon scandal during a House of Commons debate Continue Reading
-
News
19 Jan 2024
Fujitsu boss admits to missed opportunities to prevent miscarriages of justice
Concerns of an expert witness in subpostmaster trials were ignored by Fujitsu Continue Reading
-
News
19 Jan 2024
AWS plans huge investment in Japan cloud infrastructure
Amazon Web Services plans to invest over $15bn into its existing cloud infrastructure in Tokyo and Osaka by 2027 to meet growing customer demand Continue Reading
-
News
18 Jan 2024
More than 900 subpostmaster convictions wouldn’t have happened without Post Office-backed law change
IT expert says it cannot be the case that computer evidence is treated as accurate in court, without investigation into surrounding circumstances Continue Reading
-
News
18 Jan 2024
Tech firms: Investigatory Powers review will undermine privacy of UK citizens
Trade group TechUK argues in a briefing sent to the Home Office that proposed amendments to the Investigatory Powers Bill could have a far-reaching impact on privacy and security Continue Reading
-
News
17 Jan 2024
Victims of 2023 Capita data breaches head to High Court
More than 5,000 people impacted by data breaches arising from two cyber incidents affecting outsourcer Capita have joined a group action lawsuit Continue Reading
-
News
17 Jan 2024
Singapore proposes governance framework for generative AI
AI Verify Foundation and Infocomm Media Development Authority have proposed a governance framework for generative AI to address the risks and concerns about the emerging technology Continue Reading
-
News
16 Jan 2024
Legal cases question IP in large language model training
Should the providers of commercial large language models licence content from content creators? The New York Times and Getty Images think so Continue Reading
-
E-Zine
16 Jan 2024
All eyes are on the Post Office scandal – at last
In this week’s Computer Weekly, 15 years since we first revealed the plight of subpostmasters, and four years since their High Court victory, the UK public and government are getting behind the victims, thanks to a TV dramatisation of the scandal. We look at government plans to quash convictions, and analyse the role of Horizon IT supplier Fujitsu in how the Post Office scandal developed. Read the issue now. Continue Reading
-
Feature
15 Jan 2024
British Library cyber attack explained: What you need to know
In this essential guide, Computer Weekly investigates the cyber attack on the British Library that has rendered IT systems inoperable and caused service disruption to thousands of users Continue Reading
-
News
15 Jan 2024
How legal disclosure failures disrupted the Post Office Horizon inquiry
From overly narrow search terms, overzealous deduplication of documents and failed email migrations, poor management of legal discovery has delayed justice for postmasters in the Horizon inquiry Continue Reading
-
News
12 Jan 2024
UK government seeks public views on impacts of AI-generated porn
The government’s Pornography Review will look in part at the use of AI throughout the industry to generate sexually explicit content without people’s consent Continue Reading
-
News
11 Jan 2024
MHRA launches roadmap for medtech regulations
The roadmap covers plans for regulations on medical technologies, including implantable devices, artificial intelligence and healthcare software, with core elements of a new framework to be in place by 2025 Continue Reading
-
News
10 Jan 2024
Davos 2024: AI-generated disinformation poses threat to elections, says World Economic Forum
Disinformation and misinformation are the top risks facing businesses, governments and the public over the next two years Continue Reading
-
News
10 Jan 2024
SEC social media hack highlights value of MFA
The US SEC briefly appeared to approve new bitcoin trading rules after a social media account was targeted by troublemakers, proving the value of MFA once again Continue Reading
-
News
10 Jan 2024
Scotland ‘sleepwalking’ to mass surveillance with DPDI Bill
The independent checks and balances over biometrics and biometric-enabled surveillance must be strengthened to prevent Scotland from sliding into a surveillance state along with the rest of the UK Continue Reading
-
News
09 Jan 2024
Babuk Tortilla ransomware decryptor made available
A joint effort between Cisco Talos, Avast and the Dutch police will bring relief to many victims of a variant of the Babuk ransomware known as Tortilla Continue Reading
-
News
09 Jan 2024
Study reveals cyber risks to US elections
With the 2024 US presidential election cycle beginning, a study produced by Arctic Wolf has highlighted big gaps in preparedness and resourcing at government bodies across the US Continue Reading
-
News
08 Jan 2024
Post Office scandal furore is moment to change digital evidence rules
The current rules around digital evidence are partly to blame for the widest miscarriage of justice in UK history Continue Reading
-
News
07 Jan 2024
India firms warm to responsible AI
Almost two-thirds of organisations said their responsible AI practices and policies were mature or they had taken steps towards responsible AI adoption, according to a Nasscom study Continue Reading
-
News
03 Jan 2024
Artificial intelligence to the front in Sweden’s National Technology Strategy
Sweden focuses in on artificial intelligence in its latest far-reaching national IT strategy Continue Reading
-
News
29 Dec 2023
Top 10 AI regulation stories of 2023
From the UK government’s publication of its long-awaited AI whitepaper to its convening of the world’s first AI Safety Summit, here are Computer Weekly’s top 10 AI regulation stories of 2023 Continue Reading
-
News
28 Dec 2023
Top 10 technology and ethics stories of 2023
Here are Computer Weekly’s top 10 technology and ethics stories of 2023 Continue Reading
-
News
27 Dec 2023
Top 10 police technology stories of 2023
Here are Computer Weekly’s top 10 police technology stories of 2023 Continue Reading
-
News
21 Dec 2023
Top 10 cyber crime stories of 2023
Ransomware gangs dominated the cyber criminal underworld in 2023, a year that will prove notable for significant evolutionary trends in their tactics Continue Reading
-
News
19 Dec 2023
Top 10 cyber security stories of 2023
The past 12 months have seen the security agenda dominated by the usual round of vulnerabilities, concerns over supply chain security and more besides, but it was the chaotic state of global geopolitics that really made an impact Continue Reading
-
News
18 Dec 2023
Global mobile trade body hails agreement on future mobile spectrum ranges
ITU’s World Radiocommunication Conference concludes with consensus on roadmap for mobile services using designated low-band and mid-band frequencies Continue Reading
-
News
15 Dec 2023
Police defend facial recognition target selection to Lords
Senior police officers confirm to Lords committee that facial recognition watchlist image selection is based on crime categories attached to people’s photos, rather than a context-specific assessment of the threat presented by a given individual Continue Reading
-
News
15 Dec 2023
Government advised to overturn all Post Office scandal convictions
An independent board set up to advise the government on compensation for innocent subpostmasters has recommended that all the Post Office scandal convictions are ‘unsafe’ and should be overturned Continue Reading
-
News
14 Dec 2023
Government plans to regulate to tackle datacentre threats
DSIT outlines a range of proposals designed to protect data storage facilities from cyber attacks, as well as physical threats and the effects of climate breakdown Continue Reading
-
News
14 Dec 2023
NCSC CEO Lindy Cameron to step down in 2024
NCSC chief exec Lindy Cameron, who helped lead and elevate the national dialogue on cyber security through major events such as Covid-19, SolarWinds Sunburst and Colonial Pipeline, is to step down in the New Year Continue Reading
-
News
13 Dec 2023
No UK AI legislation until timing is right, says Donelan
The UK government will not legislate on artificial intelligence until it has a better understanding of the technology, so is instead focusing on building up regulatory capacity and conducting safety-focused research, says digital secretary Continue Reading
-
News
13 Dec 2023
Critical UK infrastructure a ‘hostage of fortune’ to ransomware
A lack of ransomware planning and preparedness at the highest levels of government is leaving UK operators or critical national infrastructure dangerously exposed, according to a Joint Committee report Continue Reading
-
News
12 Dec 2023
MoD fined after breach of Afghan staffers’ data put lives at risk
The MoD has been fined £350,000 by the ICO after an email blunder exposed data on Afghan nationals who had worked with British forces and were at risk of Taliban reprisals Continue Reading
-
News
11 Dec 2023
BT Group makes net neutrality call as it looks to improve network efficiency
Telco claims breakthrough technology that improves quality and reliability of live content for viewers while driving down costs for broadcasters and network operators, but calls for rethink in net neutrality debate Continue Reading
-
News
11 Dec 2023
Nordic governments join forces to protect data transfers
Nordic countries deepen their cooperation over cyber security amid heightened threat from neighbouring Russia Continue Reading
-
News
11 Dec 2023
EU AI Act: The wording of the act is finalised
The EU AI Act has climbed another rung up the legislative ladder, with its wording having been finalised Continue Reading
-
News
11 Dec 2023
Competition and Markets Authority looks into Microsoft/OpenAI after Altman fiasco
The firing and rehiring of OpenAI’s CEO, and the fallout, which could have seen Microsoft hire all its staff, has the regulator spooked Continue Reading
-
News
07 Dec 2023
NCSC exposes Russian cyber attacks on UK political processes
The NCSC has firmly attributed a long-running campaign of cyber attacks targeting UK political processes to a group run out of Russia’s FSB intelligence agency, known as Star Blizzard Continue Reading
-
News
05 Dec 2023
Operator of Sellafield nuclear facility denies hacking claims
The operator of the Sellafield nuclear site has denied allegations that senior managers covered up a series of cyber security lapses that enabled Chinese and Russian threat actors to compromise its networks Continue Reading
-
News
04 Dec 2023
Rhysida ransomware gang hits hospital holding royal family’s data
Ransomware gang boasts of having stolen data on the royal family in an attack on a private London hospital Continue Reading
-
News
01 Dec 2023
Human augmentation tech requires dual use oversight
Researchers investigating human augmentation technologies must acknowledge the potential military applications of their work, and military bodies cannot be allowed to dismiss ethical concerns in their pursuit of national security interests, says NGO Drone Wars UK Continue Reading
-
News
01 Dec 2023
Lords committee urges caution on UK use of autonomous weapons
UK government must ensure proper democratic oversight of its development and use of AI-powered weapon systems, says Lords committee Continue Reading
-
News
30 Nov 2023
Government’s Online Fraud Charter welcomed
The government has corralled 11 of the largest tech platforms in the world to commit to its Online Fraud Charter, designed to tackle online scams, fake adverts, and more Continue Reading
-
News
29 Nov 2023
Law enforcement dismembers major ransomware operation in Ukraine
A joint law enforcement operation between the Ukrainian authorities, Europol and Eurojust has seem five ransomware operators taken into custody Continue Reading
-
Opinion
28 Nov 2023
Making artificial intelligence fit for all our human futures
Lord Chris Holmes explains why he has introduced a Private Member's Bill on AI regulation for discussion in Parliament - and the important precedents he hopes it will set Continue Reading
-
E-Zine
28 Nov 2023
Datacentres or green belt? Why the UK has to choose
In this week’s Computer Weekly, we examine the minefield around datacentre planning permission across the UK, after government blocked a major development next to the M25 motorway. The metaverse is making inroads into the indus-trial world – is this the real future for the technology? And we analyse the trends changing the application software market. Read the issue now. Continue Reading
-
News
27 Nov 2023
Lack of government incentives stifling UK business broadband expansion
Research from UK connectivity provider reveals that while 42% of UK businesses plan vital connectivity upgrades as part of growth strategy, one in every five are receiving insufficient internet speeds Continue Reading
-
Opinion
24 Nov 2023
DORA raises the stakes for cloud use in financial services
The EU's DORA regulations will raise the stakes for cloud in financial services but resilience is more than just a tech issue, says NetApp's Steve Rackham Continue Reading
-
News
24 Nov 2023
UK police plan national roll-out of facial-recognition phone app
UK police chiefs plan to expand use of facial-recognition technology through a nationwide roll-out of mobile-based tools and increases in retrospective facial-recognition, but oversight problems persist Continue Reading
-
News
23 Nov 2023
DWP to surveil bank accounts of benefit claimants for fraud
The UK government has outlined how it plans to tackle benefit fraud by giving the Department for Work and Pensions new powers compelling banks to collect and share data on claimants’ bank accounts Continue Reading