Category Archives: ICO

Act Now Supporting Innovative Digital DPIA Project

Act Now Training is pleased to announce that it is supporting a new public sector collaboration to co-design and develop a digital approach to Data Protection Impact Assessments (DPIAs). This innovative six month project will help Data Controllers conducting DPIAs to ensure that a ’Data Protection by Design and Default’ approach is embedded into the process. The project is also supported by the Information … Continue reading

Posted in dpia, GDPR, GMCA, ICO, Uncategorized | Tagged , , , | Leave a comment

Viva Las Vegas

Act Now is pleased to announce that Ibrahim Hasan has accepted an invitation to address the 21st Annual NAPCP Commercial Card and Payment Conference in Las Vegas, April 6-9 2020. The NAPCP is a membership-based professional association committed to advancing … Continue reading

Posted in biometric data, Brunei, cyber security, Data Protection, Data Sharing, GDPR, ICO, International, USA | 2 Comments

A New (GDPR) Data Sharing Code

The law on data sharing is a minefield clouded with myths and misunderstandings. The Information Commissioner’s Office (ICO) recently launched a consultation on an updated draft code of practice on this subject. Before drafting the new code, the ICO launched … Continue reading

Posted in Data Sharing, GDPR, ICO | Tagged , , , | 1 Comment

The BA and Marriot Data Breaches: The ICO takes its gloves off!

This week we saw the Information Commissioner’s Office (ICO) finally signal its intention to use its powers to issue to issue Monetary Penalty Notices (fines) under the General Data Protection Regulation (GDPR).  Two Notices of Intent have been issued.  Both … Continue reading

Posted in Data Protection, DP ACT 2018, enforcement notice, EU DP Regulation, GDPR, ICO | Tagged , , , , , | 6 Comments

GDPR: One Year on

The General Data Protection Regulation (GDPR) and the Data Protection Act 2018 came into force on 25th May 2018 with much fanfare. The biggest change to data protection law in 20 years, with GDPR carrying a maximum fine of 20 million … Continue reading

Posted in biometric data, enforcement notice, GDPR, ICO | Tagged , , , | 2 Comments

First Two GDPR Enforcement Notices – Lessons Learnt

The Information Commissioner’s Office (ICO) recently served only its second Enforcement Notice for breaches of the GDPR. The first Enforcement Notice was issued in July 2018 against a Canadian company, AggregateIQ Data Services Ltd (AIQ). Strangely it was not published on … Continue reading

Posted in GDPR, ICO, personal data, Privacy | Tagged , , , | 3 Comments

Lessons from the Google GDPR Fine

On 21st January 2019, theFrench National Data Protection Commission (CNIL) fined Google 50 million euros for breaches of the General Data Protection Regulation (GDPR). This is the biggest financial penalty issued so far by any European regulator under the new law. … Continue reading

Posted in GDPR, ICO | Tagged , , | 1 Comment

The Facebook Data Breach Fine Explained

  On 24th October the Information Commissioner imposed a fine (monetary penalty) of £500,000 on Facebook Ireland and Facebook Inc (which is based in California, USA) for breaches of the Data Protection Act 1998.  In doing so the Commissioner levied the maximum fine … Continue reading

Posted in Cloud, Data Protection, Data Sharing, Fines, GDPR, ICO, Information Security, Personal Data | Tagged , , , , , , , | Leave a comment

ICO Refuses to Disclose GDPR Policy Document for Special Categories Data

In the months leading up to 25th May 2018, data controllers will have been working like Trojans to become GDPR compliant. Data Protection Officers may have been pulling their hair out at the length of their ‘to do lists’.  Not least, working out … Continue reading

Posted in DP ACT 2018, GDPR, ICO, Information Security | 2 Comments

GDPR is coming but don’t panic!

The General Data Protection Regulation (GDPR)will come into force in 3 weeks time. 25thMay though is not a cliff edge; nor is it doomsday when the Information Commissioner will start wielding her 20million Euro (fine) stick! In December, the Commissioner … Continue reading

Posted in Data Protection, EU DP Regulation, GDPR, ICO, Information Security, Privacy, schools, Scotland, Scottish Information Commissioner, Training | 2 Comments