Money Supermarket fined £80k for email marketing breach

data protection

Price comparison website, Money Supermarket, has been fined £80,000 by the ICO for PECR breaches. They emailed millions of customers who had oped out of marketing messages, about some changes to terms and conditions and privacy notices, but included a section about reconsidering opting out of future marketing messages. Someone complained and the ICO investigated and …

Read moreMoney Supermarket fined £80k for email marketing breach

EU Home Affairs Sub-Committee reports on Data Protection & Brexit

UK Government & Data Protection

The House of Lords EU Home Affairs Sub-Committee has published a report on data protection in the UK, post-Brexit. The report “Brexit: the EU Data Protection Package” came about because of the Sub-Committee’s “routine scrutiny of EU legislative proposals, but also forms part of the coordinated series of Brexit-themed inquiries launched by the European Union Committee and its …

Read moreEU Home Affairs Sub-Committee reports on Data Protection & Brexit

ICO Subject Access Request guidance updated

data protection

The ICO has updated its subject access request code of practice not because the GDPR is coming, but because of the outcomes of a couple of court cases (Dawson-Damer & Ors v Taylor Wessing LLP [2017]  EWCA Civ 74  and Ittihadieh v 5-11 Cheyne Gardens RTM Co Ltd & Ors and Deer v University of Oxford …

Read moreICO Subject Access Request guidance updated

Royal Free & Google DeepMind trial failed to comply with data protection law

data protection

The ICO has published its ruling on the Royal Free NHS Trust sharing of patient data with Deep Mind (a Google owned AI company). The data (1.6m records) had been shared as part of a trial to test an alert, diagnosis and detection system for acute kidney injury, but the ICO did not believe the patients …

Read moreRoyal Free & Google DeepMind trial failed to comply with data protection law

Joomla Security Release (3.7.3)

Online Security

Web platform provider Joomla have released a new version to fix a number of security issues: Core – Information Disclosure (affecting Joomla 1.7.3-3.7.2) Core – XSS Vulnerability (affecting Joomla 1.7.3-3.7.2) Core – XSS Vulnerability (affecting Joomla 1.5.0-3.6.5) If you’ve not already updated to this latest version you’re advised to do so ASAP. Full details of …

Read moreJoomla Security Release (3.7.3)

Why lack of certainty is probably not helping GDPR compliance

which direction for law

If it wasn’t hard enough to convince businesses in the UK that they really should be thinking about how their organisation will be impacted by the General Data Protection Regulation (GDPR) next year, we’ve got to also think about the ePrivacy Regulations (which the EU wants to come into force at the same time as …

Read moreWhy lack of certainty is probably not helping GDPR compliance

Drupal patches some more security risks

Online Security

This week Drupal have patched a couple of modules for potential security issues. Both the services module and the SMTP Authentication Support module have been updated. If you’re running either of these modules make sure your system has been updated to the latest versions of the modules to ensure you’re website is not vulnerable.

Petya ransomware highlights continued vulnerabilities

ransomeware learnings

In case you missed it, there was another global ransomware attack this week. Whilst the Ukraine seems to  have been hit the worst, it is being reported that businesses across the world have been impacted. It is possible you have missed this latest cybersecurity issue, mainly because it’s not dominated the media headlines like the …

Read morePetya ransomware highlights continued vulnerabilities