FitBit
,

Fitbit Data Transfer Complaints

Vienna-based advocacy group ‘Noyb’ has filed complaints against Google-owned Fitbit, alleging that it has violated the EU’s GDPR over illegal exporting of user data.  Complaints In Three Countries  Noyb, which stands for ‘None…
paper files

Explosion In Subject Access Requests

Following the recent Nigel Farage and Coutts Bank row, we look at what a Subject Access Request (SAR) is, how to make one, and why there appears to have been an explosion of them in recent times.   What Happened Between Nigel Farage…
laptop
, ,

Email : Terminating Trackers

In this insight, we look at what email trackers are, how they work, what the main concerns about them are, plus how you can protect yourself from email trackers. What Is An Email Tracker?  An email tracker is a tool or technology used…
document

What Happened Recently With The ICO?

Following news of a Freedom of Information (FOI) disclosure revealing a lack of public reprimands issued over GDPR breaches in the public sector, we take a closer look at the FOI, what it can be used for, and how it’s linked to the ICO.  What…
using phone
,

Recording Phone Calls On Your Mobile

In this article, we look at the legal issues around recording calls on your mobile, and the different methods for doing so.  Is It Legal To Record Phone Calls On Your Mobile?  In the UK, as an individual mobile phone user, generally…
GDPR
,

Featured Article : New ICO Head and Data Protection Law Reforms

Data Protection Reforms Since Brexit, the UK government has been seeking to reform data protection regulations in the UK in a way that it says will cut down on what Digital Secretary Oliver Dowden has been quoted describing as the “needless…
Gavel
,

Computer Says “Guilty”

An error in the HM Courts and Tribunals Service computer system meant that 5,000+ defendants were wrongly assigned guilty pleas. Accidental Criminal Convictions The problem that led to 5,000+ people being wrongly given criminal convictions…
screen reflectionpexels
,

Data Breaches : The Fallout

Data Breaches A personal data breach, as defined by the UK’s data watchdog and regulator, The Information Commissioner’s Office (ICO), is “a breach of security leading to the accidental or unlawful destruction, loss, alteration,…
Robot
,

AI, Data Protection & The ICO

The Information Commissioner’s Office (ICO) has published guidelines to help clarify how data protection principles apply to AI projects. The Document The guidance document (now a pdf available online on the ICO website) was produced…
GDPR

Test and Trace Breaks GDPR Say Campaigners

The Open Rights Group (ORG) has said that England’s COVID-19 Test and Trace programme is in breach of GDPR. Test and Trace The COVID-19 test and trace system requires people to share personal data such as their name and date of birth,…
GMA Logo
, , ,

Police Images of Serious Offenders Reportedly Shared With Private Landlord For Facial Recognition Trial

There have been calls for government intervention after it was alleged that South Yorkshire Police shared its images of serious offenders with a private landlord (Meadowhall shopping centre in Sheffield) as part of a live facial recognition…
GMA Logo
,

Avast Anti-Virus Is To Close Subsidiary Jumpshot After Browsing Data Selling Privacy Concerns

Avast, the Anti-virus company, has announced that it will not be providing any more data to, and will be commencing “a wind down” of its subsidiary Jumpshot Inc after a report that it was selling supposedly anonymised data to advertiser…
GMA Logo

£100m Fines Across Europe In The First 18 Months of GDPR

It has been reported that since the EU’s General Data Protection Regulation (GDPR) came into force in May 2018, £100m of data protection fines have been imposed on companies and organisations across Europe. The Picture In The UK The…
GMA Logo

Over Half of Businesses Don’t Respond To GDPR Requests On Time

The results of a survey by Talend show that 58% of businesses worldwide fail to address requests from individuals for a copy of their personal data within the one-month time limit as required by GDPR. Bad, But Better Than Last Year The…
GMA Logo

Using GDPR To Get Partner’s Personal Data

A University of Oxford researcher, James Pavur, has explained how (with the consent of his partner) he was able to exploit rights granted under GDPR to obtain a large amount of his partner’s personal data from a variety of companies. Right…
GMA Logo

£80,000 Fine For London Estate Agency Highlights Importance of Due Diligence in Data Protection

The issuing of an £80,000 fine by the Information Commissioner’s Office (ICO) to London-based estate agency Parliament View Ltd (LPVL) highlights the importance of due diligence when keeping customer data safe. What Happened? Prior…
GMA Logo

£183 Million Fine (Biggest Ever) For BA Data Breach

The Information Commissioner’s Office (ICO) has imposed a £183 million fine on British Airways, the biggest fine to date under GDPR, for a data breach where the personal details of 500,000 customers were accessed by hackers. The Breach The…
GMA Logo

ICO’s Own Website Fails GDPR Compliance Test

Irony and embarrassment are the order of the day as the Information Commissioner’s Office, which is responsible for ensuring GDPR compliance in the websites of businesses and organisations, has been forced to admit that its own website is…
GMA Logo

Employee Subject Access Requests Increasing Costs For Their Companies

Research by law firm Squire Patton Boggs has revealed (one year on from the introduction of GDPR ) that companies are facing cost pressures from a large number of subject access requests (SARs) coming from their own employees. SARs A…
GMA Logo
,

Data Breach Report A Sharp Reminder of GDPR

The findings of Verizon’s 2019 Data Breach Investigations Report have reminded companies that let customer information go astray that they could be facing big fines and damaging publicity. The Report The annual Verizon Data Breach Investigations…
GMA Logo
, ,

GDPR Says HMRC Must Delete Five Million Voice Records

The Information Commissioner's Office (ICO) has concluded that HMRC has breached GDPR in the way that it collected the biometric voice records of users and now must delete five million biometric voice files. What Voice Files? Back in…
GMA Logo
, ,

Millions of Taxpayers’ Voiceprints Added to Controversial HMRC Biometric Database

The fact that the voiceprints of more than 2 million people have been added to HMRC’s Voice ID scheme since June 2018, to add to the 5 million plus other voiceprints already collected, has led to complaints and challenges to the lawfulness…
GMA Logo
, , ,

£15K Fine For Ignoring Data Access Requests

SCL Elections, the parent company of the now defunct Cambridge Analytica which was famously involved in the Facebook profile harvesting scandal, has been fined £15,000 for failing to respond to a data access request from a US citizen, and for…
GMA Logo

Data Protection Trust Levels Still Low After GDPR

A report by the Chartered Institute of Marketing (CIM) has shown that as 42% of consumers have received communications from businesses they had not given permission to contact them (since GDPR came into force), this could be a key reason why…
GMA Logo
, ,

Facial Recognition For Buyers Of Alcohol & Cigarettes

A pilot scheme involving NCR, the US self check-out machine maker for Asda, Tesco and other UK supermarkets, and Yoti’s digital identity app will use an integrated camera linked to facial recognition software to help improve, simplify and…
GMA Logo

ICO Highlights Prevalence of GDPR Myths

The Information Commissioner’s Office (ICO) has reported taking 500+ calls per week reporting GDPR data breaches, but one-third of the calls appear to be based on myths and misunderstandings or over-reporting about GDPR matters. Update After…
GMA Logo
,

Half of Us Will Activate Our New GDPR Rights Within A Year

The results of a new survey by analytics, business intelligence and data management firm SAS indicate that more than half of UK consumers look likely to exercise their new GDPR rights within the first year of GDPR’s introduction. GDPR The…
GMA Logo
, , ,

10 Million Affected by Dixons Carphone Data Breach

Dixons Carphone has announced that, after a review following a hack of its customers’ data, 10 million customers rather than the original estimate of 1.2 million have actually been affected. What Happened? Back in June, Dixons Carphone announced…
GMA Logo
,

Tech Giant GDPR Privacy Settings ‘Unethical’ Says Council

The ‘Deceived By Design’ report by the government-funded Norwegian Consumer Council has accused tech giants Microsoft, Facebook and Google of being unethical by leading users into selecting settings that do not benefit their privacy. Illusion…
GMA Logo
,

Domain Names & GDPR

A recent ruling by a German court about GDPR also applies to personal information held in the worldwide whois service, could mean that domain name admin and tech contact details may no longer be needed because of the GDPR ‘data minimisation…
GMA Logo
, ,

Instant GDPR Complaints For Web Giants

In an almost inevitable turn of events, the social media and tech giants Facebook, Google, Instagram and WhatsApp faced a barrage of accusations that they were not compliant within hours of GDPR being introduced on May 25th. What’s Wrong? The…
GMA Logo
, ,

Data Breach Fine For UK University

The Information Commissioner (ICO) has imposed a fine of £120,000 on the University of Greenwich for a data breach that left the personal details of thousands of students exposed online. What Happened? The breach was discovered back in February…
GMA Logo

GDPR: Don’t Get Caught Out By Your Logfiles

With all the focus on the more visible elements of GDPR compliance ahead of the Regulation’s introduction of May 25th, one EU Working group is warning businesses not to forget what’s stored in the logfiles of their Internet-facing servers. What…
facebook-targeting
,

Facebook Ads That Target Your Beliefs

In a new trial involving a small number of users in the UK, Facebook has said that it will be testing the targeting of adverts based on users’ specific political and religious beliefs. Why? According to Facebook, the trial will help the…
GDPR

Preparing for the GDPR: 10 steps to take now…

This checklist highlights 10 steps you can take now to prepare for the General Data Protection Regulation (GDPR) which will apply from 25 May 2018. Awareness Although the GDPR doesn’t come into force until May 2018, it can take several…
Call Recording
,

Call Recording and the GDPR

The General Data Protection Regulation came into force in May 2018 across Europe, which means all national data protection laws will be replaced. A huge amount of businesses use and rely on call recording as a key tool within their business.…