£145k fine for data sharing process failings

ICO fine council for gang matrix breach

In April 2019 the ICO issued a fine for £145,000 to the London Borough of Newham for unlawfully disclosing personal data of more than 200 individuals who were featured on the Metropolitan Polices “Gang Matrix” intelligence database. The data in redacted and unredacted forms were shared with 44 recipients including external organisations and voluntary agencies. It’s …

Read more£145k fine for data sharing process failings

Data ethics – why data processing is about more than data protection

the rise in ai and data protection and data ethics

When we talk about the processing of data we usually think about data protection or the GDPR and how it applies to the lawful processing of the data. Of course, data protection regulation is all about the processing of personal data, data that can identify an individual, and whilst some of the complexities of data …

Read moreData ethics – why data processing is about more than data protection

ICO building an AI auditing framework

ICO AI Framework

The ICO have launched a new AI Auditing Framework blog which will provide updates and discussion around their work on developing a framework to give them “a solid methodology to audit AI applications and ensure they are transparent, fair; and to ensure that the necessary measures to assess and manage data protection risks arising from them are …

Read moreICO building an AI auditing framework

ICO enforcement highlights the cost of ignoring subject access requests

ICO fine for subject access request

Recent enforcement by the ICO against Magnacrest Ltd highlights the cost of ignoring not only your own data subjects, but also the ICO. Magancrest have been fined £300, with a victim surcharge of £30 and costs of £1133.75 for ignoring an enforcement notices from the ICO to deal with a subject access request, after an …

Read moreICO enforcement highlights the cost of ignoring subject access requests

ICO urges better transparency as trust in companies processing data rises slightly

ico report trust confidence data protection

In its annual review on the state of data protection awareness and trust, the ICO’s Annual Track highlights a small increase in trust of companies and organisations processing their data. The research highlights that 34% of people have high trust and confidence, compared to 21% in 2017. However, people seem to be more likely to trust public …

Read moreICO urges better transparency as trust in companies processing data rises slightly

ICO 2017-18 Annual Report: Data protection complaints and breach reports up

ICO annual report increase

  The Information Commissioner’s Office has published their 2017-2018 Annual Report (covering the 12 months leading up to 31st March 2018) highlighting an increase in activities and some challenging activities. The report is the ICO’s annual report to parliament as required by the Data Protection Act 1998. Bearing in mind that it covers the year …

Read moreICO 2017-18 Annual Report: Data protection complaints and breach reports up

DCMS consults on data protection fee exemptions

consultation

The Department for Culture, Media and Sport (DCMS) has published a consultation on exemptions under the Data Protection Act 2018 from paying a registration fee to the ICO. Under the old Data Protection Act 1998 there were obligations to notify the ICO if you process data, unless an exemption applied. Under the GDPR, which the …

Read moreDCMS consults on data protection fee exemptions

ICO Publishes DPIA Guidance consultation

GDPR transparency

The ICO has published draft guidance on the use of Data Protection Impact Assessments (DPIA), a tool used to assess the risks of processing personal data. The UK has had Privacy Impact Assessments (PIA) for some time as best practice but the GDPR enforces the need for DPIA in certain circumstances. The draft guidance: Covers …

Read moreICO Publishes DPIA Guidance consultation

Draft Data Protection (Charges and Information) Regulations 2018

Regulation

Draft Regulations on the ICO registration fees were laid before Parliament on the 20th February. These draft regulations will come into force on 25th May (to coincide with the General Data Protection Regulation (GDPR)). The new Regulations set out the ICO registration fee scheme including the fee structure: Tier 1 – micro organisations You have …

Read moreDraft Data Protection (Charges and Information) Regulations 2018

ICO launches dedicated GDPR advice line

GDPR phone helpline

On the 1st November, the Information Commissioner’s Office (ICO) launched a dedicated support helpline for SMEs and charities needing help with the new GDPR data protection changes that are coming next year. The ICO say “the phone service is aimed at people running small businesses or charities and recognises the particular problems they face getting …

Read moreICO launches dedicated GDPR advice line