Category Archives: Fines

The WhatsApp GDPR Fine 

On 2nd September, the instant messaging service WhatsApp was fined €225 million by the Irish Data Protection Commission (DPC) under GDPR. It is the largest fine issued by the DPC and the second highest in the EU (In July Luxembourg’s National Commission for Data Protection fined … Continue reading

Posted in Fines, privacy notice, Uncategorized, whatsapp | Tagged , , , | Leave a comment

First GDPR Fine Issued to a Charity

On 8th July 2021, the Information Commissioner’s Office (ICO) fined the transgender charity Mermaids £25,000 for failing to keep the personal data of its users secure.In particular this led to a breach of the Articles 5(l)(f) and 32(1) and (2) of the GDPR.  The ICO found that Mermaids … Continue reading

Posted in Fines, GDPR, Security, Uncategorized | Tagged , , , | Leave a comment

Ticketmaster Fined £1.25m Over Cyber Attack

GDPR fines are like a number 65 bus. You wait for a long time and then three arrive at once. In the space of a month the Information Commissioner’s Office (ICO) has issued three Monetary Penalty Notices. The latest requires Ticketmaster to pay £1.25m following a cyber-attack on its website which compromised millions of customers’ personal information.   The ICO investigation into this breach found a vulnerability … Continue reading

Posted in cyber security, Data Breach, Fines, ICO, Ticketmaster, Uncategorized | Tagged , , , , | 2 Comments

The Marriott Data Breach Fine

The Information Commissioner’s Office (ICO) has issued a fine to Marriott International Inc for a cyber security breach which saw the personal details of millions of hotel guests being accessed by hackers. The fine does not come as a surprise as it follows a Notice of Intent, issued in July 2018. The amount of £18.4 million though is … Continue reading

Posted in Data Breach, Fines, Marriot, Security, Uncategorized | Tagged , , , | 3 Comments

First Fine under GDPR

The Information Commissioner’s Office (ICO) has issued the first fine under GDPR to a London-based pharmacy. Doorstep Dispensaree Ltd, has been issued with a Monetary Penalty Notice of £275,000 for failing to ensure the security of Special Category Data. The … Continue reading

Posted in Fines, GDPR, Uncategorized | Tagged , , | 4 Comments

The Facebook Data Breach Fine Explained

  On 24th October the Information Commissioner imposed a fine (monetary penalty) of £500,000 on Facebook Ireland and Facebook Inc (which is based in California, USA) for breaches of the Data Protection Act 1998.  In doing so the Commissioner levied the maximum fine … Continue reading

Posted in Cloud, Data Protection, Data Sharing, Fines, GDPR, ICO, Information Security, Personal Data | Tagged , , , , , , , | Leave a comment

Equifax Ltd fined £500,000 for significant breaches of the DPA 1998

On 20th September the Information Commissioner issued Equifax Ltd with a £500, 000 monetary penalty, the biggest fine it has issued to date, and the maximum allowed under the Data Protection Act 1998.  Although half a million pounds might sound a … Continue reading

Posted in Data Protection, Fines, GDPR, Privacy, Records Management | 1 Comment

‘The Great CPS Data-breach!’

                        No, this isn’t a new multi-million pound blockbuster, but instead a £200,000 error the Crown Prosecution Service probably wishes it had never made. On the 4th November 2015 … Continue reading

Posted in Data Protection, Fines, Privacy, Security | Leave a comment

Freedom of Information Caselaw Roundup

The Freedom of Information Act 2000 (FOI) applies to information held by a public authority or held on its behalf by another person (Section 3(2)). What of information about people working for a public authority but who are legally employed … Continue reading

Posted in Deceased Records, Fines, Freedom of Information, ICO, Personal Data, Tribunal | Tagged , , , , | Leave a comment

Those Were the Days!

Martin Gibson, of Buckinghamshire County Council, reflects on the challenges facing a Data Protection Officer and how relationships with the Information Commissioner’s Office have changed over the years. Read more here

Posted in Data Protection, Fines, ICO, Local Authorities | Tagged , , | Leave a comment