The United Kingdom's Information Commissioner's Office has issued an opinion on the joint initiative by Apple and Google, referred to as the Contact Tracing Framework (CTF), to enable the use of Bluetooth technology to help...more
The United Kingdom’s Information Commissioner’s Office has provided it’s guidance on COVID-19 and data privacy.
•Public health messages are not direct marketing.
•It’s about being proportionate – if some data processing...more
The United Kingdom's Information Commissioner's Office has issued, for public consultation, draft guidance on the right of access under the General Data Protection Regulation (GDPR).
Key takeaways:
To Prepare for a Data...more
The United Kingdom's Information Commissioner's Office has updated its guidance on Special Category Data (Article 9 General Data Protection Regulation). Key takeaways:
Genetic Data-
Genetic analysis that includes enough...more
The UK’s Information Commissioner’s Office has issued an opinion on the use of Live Facial Recognition technology by law enforcement.
Key takeaways:
The use of Live Facial Recognition (LFR) involves processing of...more
The United Kingdom’s Information Commissioner’s Office has launched a public consultation on how to create a toolkit to help organizations assess whether they have appropriate and effective internal data protection governance...more
Following a decision from the Court of Justice of the EU, the UK Information Commissioner’s Office changed its guidance on how to calculate the GDPR 30-day time limit for data subject requests....more
The UK Information Commissioner’s Office (ICO) has joined data protection authorities from around the world in calling for more openness about the proposed Libra digital currency and infrastructure....more
The United Kingdom’s Information Commissioners Office (ICO) has issued, for public consultation, draft guidelines for data sharing that—once adopted —will govern all controller-to-controller data sharing agreements which are...more
Strict is for cookie, that’s good enough for me.
The United Kingdom’s Information Commissioner’s Office highlights “strictly necessary” cookies:
Strictly necessary cookies are cookies which are essential, not just nice...more
Analytics cookies in the crossfire.
Different approaches set forth in the CNIL Guidance and in the ICO cookie guidance.
CNIL – Set list of terms to qualify for an exemption from the need to obtain consent....more
Questions to ask when sharing data between two data controllers (from the ICO Data Sharing Code of Conduct):
What is the sharing meant to achieve?...more
Checklist for drafting your controller-controller data sharing agreement (from the ICO Data Sharing Code of Conduct now out for public consultation):
What is the purpose of the data sharing initiative?...more
Milk, meat, fruits, breads … and data protection.
These are the new food groups for your M&A deal.
Just 24 hours after the notice of intent to fine British Airways 183 Million GBP, the UK ICO issued an intent to fine...more
7/10/2019
/ Acquisitions ,
British Airways ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Due Diligence ,
EU ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Mergers ,
Popular ,
UK
If you wait for them, the big General Data Protection Regulation (GDPR) fines will come.
UK Data protection authority, ICO, announced its intent to fine British Airways 183 million GBP (1.5 percent of annual revenue) for a...more
7/9/2019
/ British Airways ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
EU ,
Fines ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Popular ,
UK
The UK’s ICO has issued a report on data protection in the adtech process of real time bidding (RTB).
RTB relies on the potential advertiser seeing information about you....more
“The crucial, crucial change [GDPR] brought was around accountability. Accountability encapsulates everything the GDPR is about,” says UK Information Commissioner Elizabeth Denham.
Denham said companies must understand the...more
Beware the unsolicited email.
UK ICO fines a pensions company £40,000 for sending nearly two million direct marketing emails without consent....more
Data subject access rights and your medical practice: The UK Information Commissioner’s Office (ICO) issues advice.
Medical practices have reported a significant rise in subject access requests (SARs) since the GDPR came...more
“It is important that organizations have appropriate technical and organisational measures in place. This includes having clear data protection policies, taking a ‘data protection by design and default’ approach and...more
The UK Information Commissioner’s Office (ICO) has issued expanded guidance on “Personal Data” under the EU General Data Protection Regulation (GDPR).
Here are the highlights: -
Pseudonymization does not change the status...more
IF Brexit AND Privacy Shield THEN (amend privacy notice).
If you use the EU U.S. Privacy Shield mechanism to transfer Personal Data from the UK to the U.S., you will need to amend your privacy disclosure to state...more
A Data Protection Impact Assessment (DPIA) is a process, required by the EU General Data Protection Regulation (GDPR), to help identify and minimize the data protection risks of a project....more
The UK Information Commissioner’s Office (ICO) has issued a new guidance on the liabilities of Controllers and Processors, advising that the Controller is responsible for assessing that its Processor is competent to process...more
The UK Information Commissioner’s Office (ICO) has issued several new guidance documents on Data Controllers, Data Processors and the interaction among them....more