fbpx

Download free GDPR compliance checklist!

Tag Archives for " ICO "

UK regulator to write to WhatsApp over Facebook data sharing

The UK’s data regulator is writing to WhatsApp to demand that the chat app does not hand user data to Facebook, as millions worldwide continue to sign up for alternatives such as Signal and Telegram to avoid forthcoming changes to its terms of service.

Elizabeth Denham, the information commissioner, told a parliamentary committee that in 2017, WhatsApp had committed not to hand any user information over to Facebook until it could prove that doing so respected GDPR.

Source: UK regulator to write to WhatsApp over Facebook data sharing | WhatsApp | The Guardian

ICO resumes adtech investigation

In May 2020, UK’s information Commissioner’s Office (ICO) paused investigation into real time bidding (RTB) and the adtech industry, as they prioritised activities responding to the COVID-19 pandemic. Now ICO have resumed the investigation.

Work will continue with a series of audits focusing on digital market platforms and we will be issuing assessment notices to specific companies in the coming months. The investigation is vast and complex and, because of the sensitivity of the work, said ICO.

Source: Adtech investigation resumes | ICO

UK ICO Publishes New Data Sharing Code

On December 17, 2020, the UK Information Commissioner’s Office (ICO) published its Data Sharing Code of Practice following a public consultation which commenced in 2019.

The Code focuses mainly on data sharing among data controllers who are subject to the GDPR and the UK Data Protection Act 2018. Due to the detailed way in which the Code covers data sharing in the context of the GDPR, it will also be of wider interest to data controllers in the EU and beyond – even after the end of the Brexit transition period.

Source: UK ICO Publishes New Data Sharing Code | Alston & Bird Privacy Blog

‘Antiquated process’: UK data regulator on obtaining Cambridge Analytica warrant

The information commissioner has criticised the “antiquated process” that led to Facebook getting hold of Cambridge Analytica’s servers before the UK regulator itself, and renewed calls for an international approach to data privacy to tackle the emerging threat of data havens.

Elizabeth Denham, the information commissioner, spoke to Damian Collins MP, the former chair of the digital, culture, media and sport committee, who led the parliamentary enquiry into disinformation, on his podcast Infotagion. She described discovering that Facebook was inside the offices of defunct electioneering consultancy Cambridge Analytica while in the middle of an interview with Channel 4’s Jon Snow.

Source: ‘Antiquated process’: data regulator on obtaining Cambridge Analytica warrant | Data protection | The Guardian

Ticketmaster fined £1.25m over personal data breach

Ticketmaster has been fined £1.25m for failing to keep the personal data of millions of customers secure.

The online events ticket seller failed to put “appropriate security measures in place” to prevent a cyber-attack on a chat-bot installed on its online payment page, the Information Commissioner’s Office (ICO) in the UK said.

The breach potentially affected 9.4million customers across Europe. As a result, 60,000 payment cards belonging to Barclays Bank customers were subjected to fraud, and another 6,000 cards were replaced by Monzo bank after suspected fraud.

Source: Ticketmaster fined £1.25m over personal data breach

UK’s ICO faces legal action after closing adtech complaint with nothing to show

The UK’s data watchdog is facing a legal challenge after it took the decision to quietly close a complaint against the adtech industry’s high velocity background trading of personal data.

The original complaint — challenging the adtech industry’s compliance with Europe’s General Data Protection Regulation (GDPR) — was filed to the ICO in September 2018 by Jim Killock, executive director of the Open Rights Group, and Michael Veale, a lecturer in digital rights at the University College London.

Source: UK’s ICO faces legal action after closing adtech complaint with nothing to show for it | TechCrunch

ICO Publishes Report on Compliance in Direct Marketing Data Broking Sector

On October 27, 2020, the UK Information Commissioner’s Office (ICO) published a report following its investigation into data protection compliance in the direct marketing data broking sector, alongside its enforcement action against Experian.

During the investigation, the ICO conducted audits of the direct marketing data broking businesses of the UK’s three largest credit reference agencies  – Experian, Equifax and TransUnion – and found “significant data  protection failures at each” that were “deeply embedded” within the businesses.

Source: ICO Publishes Report on Compliance in Direct Marketing Data Broking Sector

Data protection scofflaws failed to pay £2m or 68% of fines from UK watchdog

Scofflaws have failed to pay nearly £2m in fines handed out by the UK Information Commissioner’s Office over the past 18 months, according to new research.

Between January 2019 and August 2020, the ICO issued a total of £3.2m in monetary penalty notices but just £1.03m has been paid, according to research from SMS API biz The SMS Works.

When measured as a percentage of the fine amount, nuisance-call operators were the least likely to have paid their fines, with The SMS Works finding that just 13 per cent of penalties handed to such firms had been paid.

Source: Data protection scofflaws failed to pay £2m in fines from UK watchdog – and 68% of penalties are still outstanding • The Register

Marriott International fined £18.4m for 2014 data breach

The UK data regulator has issued Marriott International with a watered-down £18.4 million fine for a data breach that affected 339 million guest records worldwide.

The sum has been significantly reduced from the initial £99 million notice of intent to fine that the Information Commissioner’s Office (ICO) first issued the hotel chain in July 2019. The decision to issue a substantially lower fine once again raises questions as to the effectiveness of GDPR enforcement.

Source: Marriott International fined £18.4m for 2014 data breach | IT PRO

Experian vows to drag UK’s Information Commissioner’s Office to court after being told off for data-slurping practices

Experian has been rapped over the knuckles by the UK’s Information Commissioner’s Office (ICO) after it discovered the credit reference agency was trading “millions” of people’s data for marketing purposes.

Instead of issuing a monetary fine, however, the data regulator wrapped up a two-year probe yesterday by merely insisting Experian tweaks its online privacy policies and informs consumers it acquired data about them.

In an aggressive response, Experian chief exec Brian Cassin claimed the ICO enforcement notice against his employer “risks damaging the services that help consumers, thousands of small businesses and charities, particularly as they try to recover from the COVID-19 crisis.”

Source: Experian vows to drag UK’s Information Commissioner’s Office to court after being told off for data-slurping practices • The Register

1 2 3 20
>