EU GDPR – Alan Calder on IT Governance, Cyber Resilience, ISO 27001 and Brexit

The ICO – driving ‘meaningful change’

Alan Calder October 29, 2018 Cyber Security, EU GDPR

Facebook has, in respect of its data breach earlier this year, been fined the maximum £500,000 allowed under the DPA (Data Protection Act) 1998. It’s lucky the breach was discovered before 25 May 2018; if the fine had been levied …

[Continue Reading...]

GDPR: Could an Uber reporting failure trigger a 6% fine plus $148 million?

Alan Calder September 27, 2018 Cyber Security, Data Breaches, Data Protection, EU GDPR

The EU GDPR (General Data Protection Regulation) issues administrative fines for non-compliance. The higher-tier fine is up to 4% of an organization’s global turnover or €20 million (about $24 million), whichever is greater. Although they differ in content, all 50 …

[Continue Reading...]

Data breaches: it’s not just the private sector

Alan Calder September 13, 2018 Cyber Security, Data Breaches, Data Protection, EU GDPR

TV Licensing has assured 40,000 TV licence-paying customers whose contact and bank details were intercepted on the TV Licensing website that “the risk is low”. Really? If the risk is low, why also warn the victims that they should …

[Continue Reading...]

BA: a £1 billion wake-up call

Alan Calder September 12, 2018 Cyber Security, Data Breaches, EU GDPR

There are now two law firms putting together class action lawsuits against BA under the provisions of Article 82 of the GDPR (General Data Protection Regulation), which entitles data subjects to financial compensation for non-financial damages. If the 380,000 customers …

[Continue Reading...]

Summer breaches

Alan Calder July 27, 2018 Cyber Security, Data Protection, EU GDPR

As organisations across the world look forward to the holiday season, it’s worth reviewing the perspective of data thieves and cyber attackers. If key staff are on holiday, cyber security defences will be weaker and less agile. If remaining staff …

[Continue Reading...]

Management disconnect

Alan Calder November 3, 2016 Business and the Economy, Business Continuity, Compliance, Cyber Security, Data Protection, EU GDPR, IT Governance, IT Security

I’ve talked, for some years, about the disconnect between managements stating that cyber security is on their agenda, or under control, and the rapidly rising number of data breaches, as reported in multiple surveys and reports, as well as increasingly …

[Continue Reading...]

GDPR and Brexit: no need for confusion

Alan Calder October 26, 2016 Cyber Security, Data Protection, EU GDPR

GDPR comes into force in May 2018. The UK will still be a member of the EU at that point and, even if Mrs May hadn’t pledged that the UK would be a ‎fully-functioning member right up to the point …

[Continue Reading...]

Brexit impact on GDPR compliance

Alan Calder October 12, 2016 Data Protection, EU GDPR, IT Security

Our internal position on GDPR and Brexit was, on 27th June 2016: The key thing, from a practical point of view, is that negotiations to leave the EU are unlikely to be completed before – at the earliest – October …

[Continue Reading...]

EU – Remain or Leave

Alan Calder October 12, 2016 Business and the Economy, Data Protection, EU GDPR, IT Security

This is what I said to my staff prior to the EU Referendum: We vote on 23rd June, as a country, for whether we remain in the EU or leave it. How you vote is of course a matter for …

[Continue Reading...]

EU GDPR Archive