Category Archives: ICO

A New (GDPR) Data Sharing Code

The law on data sharing is a minefield clouded with myths and misunderstandings. The Information Commissioner’s Office (ICO) recently launched a consultation on an updated draft code of practice on this subject. Before drafting the new code, the ICO launched … Continue reading

Posted in Data Sharing, GDPR, ICO | Tagged , , , | 1 Comment

The BA and Marriot Data Breaches: The ICO takes its gloves off!

This week we saw the Information Commissioner’s Office (ICO) finally signal its intention to use its powers to issue to issue Monetary Penalty Notices (fines) under the General Data Protection Regulation (GDPR).  Two Notices of Intent have been issued.  Both … Continue reading

Posted in Data Protection, DP ACT 2018, enforcement notice, EU DP Regulation, GDPR, ICO | Tagged , , , , , | 3 Comments

GDPR: One Year on

The General Data Protection Regulation (GDPR) and the Data Protection Act 2018 came into force on 25th May 2018 with much fanfare. The biggest change to data protection law in 20 years, with GDPR carrying a maximum fine of 20 million … Continue reading

Posted in biometric data, enforcement notice, GDPR, ICO | Tagged , , , | 2 Comments

First Two GDPR Enforcement Notices – Lessons Learnt

The Information Commissioner’s Office (ICO) recently served only its second Enforcement Notice for breaches of the GDPR. The first Enforcement Notice was issued in July 2018 against a Canadian company, AggregateIQ Data Services Ltd (AIQ). Strangely it was not published on … Continue reading

Posted in GDPR, ICO, personal data, Privacy | Tagged , , , | 3 Comments

Lessons from the Google GDPR Fine

On 21st January 2019, theFrench National Data Protection Commission (CNIL) fined Google 50 million euros for breaches of the General Data Protection Regulation (GDPR). This is the biggest financial penalty issued so far by any European regulator under the new law. … Continue reading

Posted in GDPR, ICO | Tagged , , | 1 Comment

The Facebook Data Breach Fine Explained

  On 24th October the Information Commissioner imposed a fine (monetary penalty) of £500,000 on Facebook Ireland and Facebook Inc (which is based in California, USA) for breaches of the Data Protection Act 1998.  In doing so the Commissioner levied the maximum fine … Continue reading

Posted in Cloud, Data Protection, Data Sharing, Fines, GDPR, ICO, Information Security, Personal Data | Tagged , , , , , , , | Leave a comment

ICO Refuses to Disclose GDPR Policy Document for Special Categories Data

In the months leading up to 25th May 2018, data controllers will have been working like Trojans to become GDPR compliant. Data Protection Officers may have been pulling their hair out at the length of their ‘to do lists’.  Not least, working out … Continue reading

Posted in DP ACT 2018, GDPR, ICO, Information Security | 2 Comments