Cybersecurity, children’s privacy & marketing practices are main concerns according to ICO privacy tracker survey

Survey shows drop in trust

The ICO have published their Annual Tracker, a survey looking at public perceptions of privacy and data protection. The main aim of this research was: To gauge public perceptions and awareness of how data is shared with and used within organisations and to monitor any change in the trust and confidence in how data is …

Read moreCybersecurity, children’s privacy & marketing practices are main concerns according to ICO privacy tracker survey

Webinar: Cookie Consent Update

The ICO has recently changed it’s approach to consent and the use of cookies. Join us for this webinar to uncover the truth about cookies, consent, the ICO guidance and what the ICO expects from you and your website cookies. We’ll be covering: Background to PECR and GDPR rules re: cookies What the new cookie …

Read moreWebinar: Cookie Consent Update

ICO publishes annual report (18/19) highlighting “unprecedented” year

ICO Annual Report

The ICO has published its Annual Report for 2018/19 which it says highlights what they refer to as an unprecedented year, which includes (for the 12 month period up to 31st March 2019): Helping the public and organisations: The ICO helpline received over 471,000 contacts (a 66% increase from the previous period) Almost twice as many …

Read moreICO publishes annual report (18/19) highlighting “unprecedented” year

ICO intends to fine BA and Marriott (£183m and £99m)

ICO BA Marriott fines

This week the ICO has published statements on its intentions to fine British Airways £183m and Marriott Hotels £99m for breaches of GDPR. But before everyone gets excited about the size of the fines, remember these are just “intentions” to fine, not actual fines. So, so far BA and Marriott have not been fined. They …

Read moreICO intends to fine BA and Marriott (£183m and £99m)

Who’s looking after your data protection compliance?

Data protection never takes a holiday

In March 2019 a First-tier Tribunal was held between Farrow and Ball Ltd and the Information Commissioner’s Office (ICO). In its work to chase down organisations that are not paying the new data protection fee (as required by the Data Protection (Charges and Information) Regulations 2018 which came into force in UK law at the same …

Read moreWho’s looking after your data protection compliance?

ICO updates its GDPR certification guidance

GDPR certificaton schemes

The Information Commissioner’s Office has updated its guidance regarding certification schemes under GDPR. Section 5 of the GDPR sets out approaches towards codes of conduct and certification, with Article 42 specifically addressing certification. Simply put the regulation suggests the implementation of data protection certification schemes to provide a way for data controllers and processors to …

Read moreICO updates its GDPR certification guidance

£145k fine for data sharing process failings

ICO fine council for gang matrix breach

In April 2019 the ICO issued a fine for £145,000 to the London Borough of Newham for unlawfully disclosing personal data of more than 200 individuals who were featured on the Metropolitan Polices “Gang Matrix” intelligence database. The data in redacted and unredacted forms were shared with 44 recipients including external organisations and voluntary agencies. It’s …

Read more£145k fine for data sharing process failings

Data ethics – why data processing is about more than data protection

the rise in ai and data protection and data ethics

When we talk about the processing of data we usually think about data protection or the GDPR and how it applies to the lawful processing of the data. Of course, data protection regulation is all about the processing of personal data, data that can identify an individual, and whilst some of the complexities of data …

Read moreData ethics – why data processing is about more than data protection

ICO building an AI auditing framework

ICO AI Framework

The ICO have launched a new AI Auditing Framework blog which will provide updates and discussion around their work on developing a framework to give them “a solid methodology to audit AI applications and ensure they are transparent, fair; and to ensure that the necessary measures to assess and manage data protection risks arising from them are …

Read moreICO building an AI auditing framework

ICO enforcement highlights the cost of ignoring subject access requests

ICO fine for subject access request

Recent enforcement by the ICO against Magnacrest Ltd highlights the cost of ignoring not only your own data subjects, but also the ICO. Magancrest have been fined £300, with a victim surcharge of £30 and costs of £1133.75 for ignoring an enforcement notices from the ICO to deal with a subject access request, after an …

Read moreICO enforcement highlights the cost of ignoring subject access requests