Data compliance: 2019 and beyond (some predictions)

data compliance predictions 2019

From a data compliance perspective, 2018 has been quite a year thanks to the General Data Protection Regulation (GDPR). Christmas Day will mark 7 months since GDPR and the UK’s Data Protection Act 2018 (implementing the GDPR) became law in the UK. The run up to the GDPR d-day in May certainly bought data protection …

Read moreData compliance: 2019 and beyond (some predictions)

ICO issues £200k fine for unsolicited text messages without valid consent

The Information Commissioner’s Office (ICO) has issued a £200,000 fine to Tax Return Limited (“TRL”) for sending out 14.8m unsolicited marketing text messages (which generated 2146 complaints). The Privacy and Electronic Communications Regulation 2003 (PECR) only permit the sending of marketing emails or text messages if the recipient consents to receiving the messages or is a …

Read moreICO issues £200k fine for unsolicited text messages without valid consent

Which? highlights retailers breaching data protection and privacy laws with their e-receipts

marketing and e-receipts

Research from consumer rights guardian Which? has highlighted the data protection dangers of e-receipts and that some retailers are in breach of data protection and privacy rules when it comes to using them to direct market. Which? sent mystery shoppers to various high street brands and asked to receive e-receipts but with no marketing. However, …

Read moreWhich? highlights retailers breaching data protection and privacy laws with their e-receipts

ICO publishes detailed guidance on the controller-processor relationship

controller processor responsibilities GDPR

Back in September 2017 the ICO published some draft guidance for consultation setting out their views on how to interpret Chapter IV (including Article 28) of the GDPR. Chapter IV of the GDPR sets out responsibilities of Data Controllers and Data Processors. Whilst the general responsibility of a Data Controller is to apply the data …

Read moreICO publishes detailed guidance on the controller-processor relationship