Money Supermarket fined £80k for email marketing breach

data protection

Price comparison website, Money Supermarket, has been fined £80,000 by the ICO for PECR breaches. They emailed millions of customers who had oped out of marketing messages, about some changes to terms and conditions and privacy notices, but included a section about reconsidering opting out of future marketing messages. Someone complained and the ICO investigated and …

Read moreMoney Supermarket fined £80k for email marketing breach

EU Home Affairs Sub-Committee reports on Data Protection & Brexit

UK Government & Data Protection

The House of Lords EU Home Affairs Sub-Committee has published a report on data protection in the UK, post-Brexit. The report “Brexit: the EU Data Protection Package” came about because of the Sub-Committee’s “routine scrutiny of EU legislative proposals, but also forms part of the coordinated series of Brexit-themed inquiries launched by the European Union Committee and its …

Read moreEU Home Affairs Sub-Committee reports on Data Protection & Brexit

ICO publishes international strategy

data protection

Last week the ICO published it’s international strategy for the next four years. The strategy sets out a number of global related data protection challenges: To operate as an effective and influential data protection authority at European level while the UK remains a member of the EU and when the UK has left the EU, …

Read moreICO publishes international strategy

ICO Subject Access Request guidance updated

data protection

The ICO has updated its subject access request code of practice not because the GDPR is coming, but because of the outcomes of a couple of court cases (Dawson-Damer & Ors v Taylor Wessing LLP [2017]  EWCA Civ 74  and Ittihadieh v 5-11 Cheyne Gardens RTM Co Ltd & Ors and Deer v University of Oxford …

Read moreICO Subject Access Request guidance updated

Royal Free & Google DeepMind trial failed to comply with data protection law

data protection

The ICO has published its ruling on the Royal Free NHS Trust sharing of patient data with Deep Mind (a Google owned AI company). The data (1.6m records) had been shared as part of a trial to test an alert, diagnosis and detection system for acute kidney injury, but the ICO did not believe the patients …

Read moreRoyal Free & Google DeepMind trial failed to comply with data protection law

Joomla Security Release (3.7.3)

Online Security

Web platform provider Joomla have released a new version to fix a number of security issues: Core – Information Disclosure (affecting Joomla 1.7.3-3.7.2) Core – XSS Vulnerability (affecting Joomla 1.7.3-3.7.2) Core – XSS Vulnerability (affecting Joomla 1.5.0-3.6.5) If you’ve not already updated to this latest version you’re advised to do so ASAP. Full details of …

Read moreJoomla Security Release (3.7.3)