Fitbit Data Transfer Complaints
Vienna-based advocacy group ‘Noyb’ has filed complaints against Google-owned Fitbit, alleging that it has violated the EU’s GDPR over illegal exporting of user data.
Complaints In Three Countries
Noyb, which stands for ‘None…
Explosion In Subject Access Requests
Following the recent Nigel Farage and Coutts Bank row, we look at what a Subject Access Request (SAR) is, how to make one, and why there appears to have been an explosion of them in recent times.
What Happened Between Nigel Farage…
Email : Terminating Trackers
In this insight, we look at what email trackers are, how they work, what the main concerns about them are, plus how you can protect yourself from email trackers.
What Is An Email Tracker?
An email tracker is a tool or technology used…
What Happened Recently With The ICO?
Following news of a Freedom of Information (FOI) disclosure revealing a lack of public reprimands issued over GDPR breaches in the public sector, we take a closer look at the FOI, what it can be used for, and how it’s linked to the ICO.
What…
Recording Phone Calls On Your Mobile
In this article, we look at the legal issues around recording calls on your mobile, and the different methods for doing so.
Is It Legal To Record Phone Calls On Your Mobile?
In the UK, as an individual mobile phone user, generally…
Featured Article : New ICO Head and Data Protection Law Reforms
Data Protection Reforms
Since Brexit, the UK government has been seeking to reform data protection regulations in the UK in a way that it says will cut down on what Digital Secretary Oliver Dowden has been quoted describing as the “needless…
Computer Says “Guilty”
An error in the HM Courts and Tribunals Service computer system meant that 5,000+ defendants were wrongly assigned guilty pleas.
Accidental Criminal Convictions
The problem that led to 5,000+ people being wrongly given criminal convictions…
Data Breaches : The Fallout
Data Breaches
A personal data breach, as defined by the UK’s data watchdog and regulator, The Information Commissioner’s Office (ICO), is “a breach of security leading to the accidental or unlawful destruction, loss, alteration,…
AI, Data Protection & The ICO
The Information Commissioner’s Office (ICO) has published guidelines to help clarify how data protection principles apply to AI projects.
The Document
The guidance document (now a pdf available online on the ICO website) was produced…
Test and Trace Breaks GDPR Say Campaigners
The Open Rights Group (ORG) has said that England’s COVID-19 Test and Trace programme is in breach of GDPR.
Test and Trace
The COVID-19 test and trace system requires people to share personal data such as their name and date of birth,…
Police Images of Serious Offenders Reportedly Shared With Private Landlord For Facial Recognition Trial
There have been calls for government intervention after it was alleged that South Yorkshire Police shared its images of serious offenders with a private landlord (Meadowhall shopping centre in Sheffield) as part of a live facial recognition…
Avast Anti-Virus Is To Close Subsidiary Jumpshot After Browsing Data Selling Privacy Concerns
Avast, the Anti-virus company, has announced that it will not be providing any more data to, and will be commencing “a wind down” of its subsidiary Jumpshot Inc after a report that it was selling supposedly anonymised data to advertiser…
£100m Fines Across Europe In The First 18 Months of GDPR
It has been reported that since the EU’s General Data Protection Regulation (GDPR) came into force in May 2018, £100m of data protection fines have been imposed on companies and organisations across Europe.
The Picture In The UK
The…
Over Half of Businesses Don’t Respond To GDPR Requests On Time
The results of a survey by Talend show that 58% of businesses worldwide fail to address requests from individuals for a copy of their personal data within the one-month time limit as required by GDPR.
Bad, But Better Than Last Year
The…
Using GDPR To Get Partner’s Personal Data
A University of Oxford researcher, James Pavur, has explained how (with the consent of his partner) he was able to exploit rights granted under GDPR to obtain a large amount of his partner’s personal data from a variety of companies.
Right…
£80,000 Fine For London Estate Agency Highlights Importance of Due Diligence in Data Protection
The issuing of an £80,000 fine by the Information Commissioner’s Office (ICO) to London-based estate agency Parliament View Ltd (LPVL) highlights the importance of due diligence when keeping customer data safe.
What Happened?
Prior…
£183 Million Fine (Biggest Ever) For BA Data Breach
The Information Commissioner’s Office (ICO) has imposed a £183 million fine on British Airways, the biggest fine to date under GDPR, for a data breach where the personal details of 500,000 customers were accessed by hackers.
The Breach
The…
ICO’s Own Website Fails GDPR Compliance Test
Irony and embarrassment are the order of the day as the Information Commissioner’s Office, which is responsible for ensuring GDPR compliance in the websites of businesses and organisations, has been forced to admit that its own website is…
Employee Subject Access Requests Increasing Costs For Their Companies
Research by law firm Squire Patton Boggs has revealed (one year on from the
introduction of GDPR ) that companies are facing
cost pressures from a large number of subject access requests (SARs) coming from their own
employees.
SARs
A…
Data Breach Report A Sharp Reminder of GDPR
The findings of Verizon’s 2019 Data Breach Investigations Report have reminded companies that let customer information go astray that they could be facing big fines and damaging publicity.
The Report
The annual Verizon Data Breach Investigations…
GDPR Says HMRC Must Delete Five Million Voice Records
The Information Commissioner's Office (ICO) has concluded that HMRC has breached GDPR in the way that it collected the biometric voice records of users and now must delete five million biometric voice files.
What Voice Files?
Back in…
Millions of Taxpayers’ Voiceprints Added to Controversial HMRC Biometric Database
The fact that the voiceprints of more than 2 million people have been added to HMRC’s Voice ID scheme since June 2018, to add to the 5 million plus other voiceprints already collected, has led to complaints and challenges to the lawfulness…
£15K Fine For Ignoring Data Access Requests
SCL Elections, the parent company of the now defunct Cambridge Analytica which was famously involved in the Facebook profile harvesting scandal, has been fined £15,000 for failing to respond to a data access request from a US citizen, and for…
Data Protection Trust Levels Still Low After GDPR
A report by the Chartered Institute of Marketing (CIM) has shown that as 42% of consumers have received communications from businesses they had not given permission to contact them (since GDPR came into force), this could be a key reason why…
Facial Recognition For Buyers Of Alcohol & Cigarettes
A pilot scheme involving NCR, the US self check-out machine maker for Asda, Tesco and other UK supermarkets, and Yoti’s digital identity app will use an integrated camera linked to facial recognition software to help improve, simplify and…
ICO Highlights Prevalence of GDPR Myths
The Information Commissioner’s Office (ICO) has reported taking 500+ calls per week reporting GDPR data breaches, but one-third of the calls appear to be based on myths and misunderstandings or over-reporting about GDPR matters.
Update After…
Half of Us Will Activate Our New GDPR Rights Within A Year
The results of a new survey by analytics, business intelligence and data management firm SAS indicate that more than half of UK consumers look likely to exercise their new GDPR rights within the first year of GDPR’s introduction.
GDPR
The…
10 Million Affected by Dixons Carphone Data Breach
Dixons Carphone has announced that, after a review following a hack of its customers’ data, 10 million customers rather than the original estimate of 1.2 million have actually been affected.
What Happened?
Back in June, Dixons Carphone announced…
Tech Giant GDPR Privacy Settings ‘Unethical’ Says Council
The ‘Deceived By Design’ report by the government-funded Norwegian Consumer Council has accused tech giants Microsoft, Facebook and Google of being unethical by leading users into selecting settings that do not benefit their privacy.
Illusion…
Domain Names & GDPR
A recent ruling by a German court about GDPR also applies to personal information held in the worldwide whois service, could mean that domain name admin and tech contact details may no longer be needed because of the GDPR ‘data minimisation…
Instant GDPR Complaints For Web Giants
In an almost inevitable turn of events, the social media and tech giants Facebook, Google, Instagram and WhatsApp faced a barrage of accusations that they were not compliant within hours of GDPR being introduced on May 25th.
What’s Wrong?
The…
Data Breach Fine For UK University
The Information Commissioner (ICO) has imposed a fine of £120,000 on the University of Greenwich for a data breach that left the personal details of thousands of students exposed online.
What Happened?
The breach was discovered back in February…
GDPR: Don’t Get Caught Out By Your Logfiles
With all the focus on the more visible elements of GDPR compliance ahead of the Regulation’s introduction of May 25th, one EU Working group is warning businesses not to forget what’s stored in the logfiles of their Internet-facing servers.
What…
Facebook Ads That Target Your Beliefs
In a new trial involving a small number of users in the UK, Facebook has said that it will be testing the targeting of adverts based on users’ specific political and religious beliefs.
Why?
According to Facebook, the trial will help the…
Preparing for the GDPR: 10 steps to take now…
This checklist highlights 10 steps you can take now to prepare for the General Data Protection Regulation (GDPR) which will apply from 25 May 2018.
Awareness
Although the GDPR doesn’t come into force until May 2018, it can take several…
Call Recording and the GDPR
The General Data Protection Regulation came into force in May 2018 across Europe, which means all national data protection laws will be replaced.
A huge amount of businesses use and rely on call recording as a key tool within their business.…