fbpx

Download free GDPR compliance checklist!

Tag Archives for " ICO "

Ticketmaster fined £1.25m over personal data breach

Ticketmaster has been fined £1.25m for failing to keep the personal data of millions of customers secure.

The online events ticket seller failed to put “appropriate security measures in place” to prevent a cyber-attack on a chat-bot installed on its online payment page, the Information Commissioner’s Office (ICO) in the UK said.

The breach potentially affected 9.4million customers across Europe. As a result, 60,000 payment cards belonging to Barclays Bank customers were subjected to fraud, and another 6,000 cards were replaced by Monzo bank after suspected fraud.

Source: Ticketmaster fined £1.25m over personal data breach

UK’s ICO faces legal action after closing adtech complaint with nothing to show

The UK’s data watchdog is facing a legal challenge after it took the decision to quietly close a complaint against the adtech industry’s high velocity background trading of personal data.

The original complaint — challenging the adtech industry’s compliance with Europe’s General Data Protection Regulation (GDPR) — was filed to the ICO in September 2018 by Jim Killock, executive director of the Open Rights Group, and Michael Veale, a lecturer in digital rights at the University College London.

Source: UK’s ICO faces legal action after closing adtech complaint with nothing to show for it | TechCrunch

ICO Publishes Report on Compliance in Direct Marketing Data Broking Sector

On October 27, 2020, the UK Information Commissioner’s Office (ICO) published a report following its investigation into data protection compliance in the direct marketing data broking sector, alongside its enforcement action against Experian.

During the investigation, the ICO conducted audits of the direct marketing data broking businesses of the UK’s three largest credit reference agencies  – Experian, Equifax and TransUnion – and found “significant data  protection failures at each” that were “deeply embedded” within the businesses.

Source: ICO Publishes Report on Compliance in Direct Marketing Data Broking Sector

Data protection scofflaws failed to pay £2m or 68% of fines from UK watchdog

Scofflaws have failed to pay nearly £2m in fines handed out by the UK Information Commissioner’s Office over the past 18 months, according to new research.

Between January 2019 and August 2020, the ICO issued a total of £3.2m in monetary penalty notices but just £1.03m has been paid, according to research from SMS API biz The SMS Works.

When measured as a percentage of the fine amount, nuisance-call operators were the least likely to have paid their fines, with The SMS Works finding that just 13 per cent of penalties handed to such firms had been paid.

Source: Data protection scofflaws failed to pay £2m in fines from UK watchdog – and 68% of penalties are still outstanding • The Register

Marriott International fined £18.4m for 2014 data breach

The UK data regulator has issued Marriott International with a watered-down £18.4 million fine for a data breach that affected 339 million guest records worldwide.

The sum has been significantly reduced from the initial £99 million notice of intent to fine that the Information Commissioner’s Office (ICO) first issued the hotel chain in July 2019. The decision to issue a substantially lower fine once again raises questions as to the effectiveness of GDPR enforcement.

Source: Marriott International fined £18.4m for 2014 data breach | IT PRO

Experian vows to drag UK’s Information Commissioner’s Office to court after being told off for data-slurping practices

Experian has been rapped over the knuckles by the UK’s Information Commissioner’s Office (ICO) after it discovered the credit reference agency was trading “millions” of people’s data for marketing purposes.

Instead of issuing a monetary fine, however, the data regulator wrapped up a two-year probe yesterday by merely insisting Experian tweaks its online privacy policies and informs consumers it acquired data about them.

In an aggressive response, Experian chief exec Brian Cassin claimed the ICO enforcement notice against his employer “risks damaging the services that help consumers, thousands of small businesses and charities, particularly as they try to recover from the COVID-19 crisis.”

Source: Experian vows to drag UK’s Information Commissioner’s Office to court after being told off for data-slurping practices • The Register

Experian faces GDPR action after ICO finds ‘widespread data protection failings’

The Information Commissioner’s Office (ICO) has ordered credit rating giant Experian to stop profiting from the secretive enriching and processing of people’s personal data or face a massive GDPR fine.

The investigation found the three firms were trading, enriching and enhancing people’s personal data without their knowledge or consent. This resulted in products which were used by third-party commercial organisations to find new customers, identify those who were most likely to be able to afford products, and build individual profiles around people.

UK watchdog gives Experian nine-month ultimatum to change ‘illegal’ business practices or face punishment.

Source: Experian faces GDPR action after ICO finds ‘widespread data protection failings’ | IT PRO

ICO probes complaints following allegations Wagamama used Covid-19 track and trace data to survey customers

Wagamama customers in the UK have allegedly been sent a survey after sharing contact details for Covid-19 contact tracing, The Times reports. The Information Commissioner’s Office (ICO) is now making enquiries after receiving a number of complaints about the restaurant chain.

UK regulations state that hospitality venues including restaurants must ask at least one member of every party of customers to provide their name and contact details or use a QR code. Some customers reportedly received a survey after sharing contact details with Wagamama, despite not granting permission.

Source: ICO probes complaints following allegations Wagamama used Covid-19 track and trace data to survey customers

ICO probes Klarna after newsletter emailed to customers in error

Klarna, a Swedish provider of payment solutions, surprised some UK consumers this week when it mistakenly sent a marketing email to people who had not opted in to receive the weekly newsletter.

Klarna, a Swedish provider of payment solutions, mistakenly sent a marketing email to people who had not opted in to receive the weekly newsletter. And the ICO had received more than 90 complaints from members of the public.

Source: ICO probes Klarna after newsletter emailed to customers in error – PrivSec Report

ICO fines British Airways £20m for data breach affecting more than 400,000 customers

The Information Commissioner’s Office (ICO) has fined British Airways (BA) £20m for failing to protect the personal and financial details of more than 400,000 of its customers.

An ICO investigation found the airline was processing a significant amount of personal data without adequate security measures in place. This failure broke data protection law and, subsequently, BA was the subject of a cyber-attack during 2018, which it did not detect for more than two months.

Source: ICO fines British Airways £20m for data breach affecting more than 400,000 customers | ICO

1 2 3 19
>