EU GDPR Archive
The ICO, for the second time in its history, has used the Computer Misuse Act (CMA) to achieve a prison sentence for someone who abused a position of trust to exfiltrate personal data from her employer in order to sell …
Friday 29 January Many organisations are slightly confused about the immediate GDPR requirements in the UK and the EU following the UK’s exit from the EU. This is the situation: the so-called Free Trade Agreement makes provision for the EU …
We all thought that the most dramatic aspect of GDPR enforcement would be fines for data breaches, and that the primary driver for GDPR compliance would be the desire to avoid data breaches. While there have been some spectacular data …
Well, the ICO (Information Commissioner’s Office) is markedly faster out of the blocks in terms of dealing with PECR (Privacy and Electronic Communications Regulations) breaches than in dealing with GDPR (General Data Protection Regulation) ones. Some 16 company directors have …
For those of you wonder what on earth the ICO (Information Commissioner’s Office) is doing in terms of regulatory action in relation to privacy, their latest update identifies some recent financial penalties: A television production company was fined £20,000 for …
Facebook has, in respect of its data breach earlier this year, been fined the maximum £500,000 allowed under the DPA (Data Protection Act) 1998. It’s lucky the breach was discovered before 25 May 2018; if the fine had been levied …
The EU GDPR (General Data Protection Regulation) issues administrative fines for non-compliance. The higher-tier fine is up to 4% of an organization’s global turnover or €20 million (about $24 million), whichever is greater. Although they differ in content, all 50 …
TV Licensing has assured 40,000 TV licence-paying customers whose contact and bank details were intercepted on the TV Licensing website that “the risk is low”. Really? If the risk is low, why also warn the victims that they should …
There are now two law firms putting together class action lawsuits against BA under the provisions of Article 82 of the GDPR (General Data Protection Regulation), which entitles data subjects to financial compensation for non-financial damages. If the 380,000 customers …
As organisations across the world look forward to the holiday season, it’s worth reviewing the perspective of data thieves and cyber attackers. If key staff are on holiday, cyber security defences will be weaker and less agile. If remaining staff …