New research shows 58% of adults worried about data and privacy online

data privacy security harm

The research, produced jointly by the Information Commissioner’s Office (ICO) and Ofcom, the telecoms regulator looked at various aspects of perceived harm online, with data and privacy being just one element of the research (other areas include risks from harmful content and children coming to harm online). The findings indicate that 58% of adults in the UK are concerned about data and/or privacy online, with fraud or identify theft being the main threat of concern; 54% were concerned about hacking […]

ICO urges better transparency as trust in companies processing data rises slightly

ico report trust confidence data protection

In its annual review on the state of data protection awareness and trust, the ICO’s Annual Track highlights a small increase in trust of companies and organisations processing their data. The research highlights that 34% of people have high trust and confidence, compared to 21% in 2017. However, people seem to be more likely to trust public bodies than private businesses with their data (which is slightly contrary to Edelman Trust Barometer findings (although not specifically looking at data processing)). The full […]

ICO 2017-18 Annual Report: Data protection complaints and breach reports up

ICO annual report increase

  The Information Commissioner’s Office has published their 2017-2018 Annual Report (covering the 12 months leading up to 31st March 2018) highlighting an increase in activities and some challenging activities. The report is the ICO’s annual report to parliament as required by the Data Protection Act 1998. Bearing in mind that it covers the year in the lead up to the GDPR deadline (25th May) and so doesn’t cover any impact (initial or long term), it still presents some interesting […]

EU and Japan agree data protection adequacy

Japan EU Adequacy

  This week the EU and Japan have agreed to recognise each others data protection regulations as “adequate” meaning that once the formalities are completed (later this year), Japan will be added to the list of non-EU countries who have adequate data protection regimes. The GDPR and the Data Protection Directive before it, puts in place restrictions on the transfer of personal data outside the EU. Transfer only being allowed when the country where the data will be processed: Has […]

WordPress 4.9.7 security release


If you’re running WordPress for your website you’ll want to make sure you update to the latest version, 4.9.7 which fixes a security vulnerability whereby certain users could delete files from outside the upload folder. If you’ve not already, you are advised to update. For more information including details of a number of bug fixes, visit the WordPress site. Wondering why we report on WordPress security updates? WordPress usage accounts for up to 60% of the CMS (Content Management System) […]

DCMS consults on data protection fee exemptions


The Department for Culture, Media and Sport (DCMS) has published a consultation on exemptions under the Data Protection Act 2018 from paying a registration fee to the ICO. Under the old Data Protection Act 1998 there were obligations to notify the ICO if you process data, unless an exemption applied. Under the GDPR, which the new (2018) Act implements there are no such conditions for registration, but the new Data Protection (Charges and Information) Regulations, which came into force on […]

Is this the end of US Privacy Shield?

EU-US Privacy Shield

Last week the European Parliament Committee on Civil Liberties, Justice and Home Affairs (LIBE) called on the EU Commission to suspend the EU-US Privacy Shield agreement, saying Privacy Shield doesn’t provide enough protection for EU citizens’ data. What’s Privacy Shield? Privacy Shield was adopted in 2016, replacing the previous agreement (Safe Harbor) which had been determined in 2015, to be inadequate in meeting EU standards of data protection. In essence the Privacy Shield provides the grounds by which US businesses can […]

And so, a new era in data protection begins

GDPR is here

It’s a date that’s been in everyone’s minds for some time whether it’s because you’re a business targeting it as the deadline to complete your GDPR compliance project, or a consumer being bombarded by “we need to re-seek your consent” emails. The 25th May is here – the day the EU’s General Data Protection Regulation (GDPR) comes into force. It impacts any business or organisation operating in the UK that is processing personal data, and updates the previous EU Data […]

Data Protection Bill to receive Royal Assent 23rd May


According to the Parliament website both the House of Commons and House of Lords have agreed on the text of the Data Protection Bill which now awaits Royal Assent, which is scheduled for tomorrow (23rd May 2018). The Bill will become the Data Protection Act 2018. It’s main aims are to: implement the GDPR into UK law set out how the UK applies the derogations available under the GDPR bring the Law Enforcement Directive into UK law update the laws […]

ICO publish consent guidance and update cookie consent rules

consent and cookies

We’ve been waiting for some time, for the Information Commissioner’s Office (ICO) to publish it’s final consent guidance. It’s been in draft since March last year and waiting on the Article 29 Working Party’s own guidance. Last week however, they published their final guidance. You can read it here: There’s not many differences from the original draft from last year other than the removal of the time limit on how long consent lasts – they were indicating probably around 2 […]