Download free GDPR compliance checklist!

Tag Archives for " ICO "

UK ICO Issues Draft Guidance on Explaining Decisions Made by AI

The UK’s Information Commissioner’s Office (“ICO”) has issued and is consulting on draft guidance about explaining decisions made by AI. The ICO prepared the guidance with The Alan Turing Institute, which is the UK’s national institute for data science and artificial intelligence.

The guidance sets out key principles to follow and steps to take when explaining AI-assisted decisions — including in relation to different types of AI algorithms — and the policies and procedures that organizations should consider putting in place.

Guidance is out for consultation until January 24 2020.

Acces ICO AI guidelines.

UK ICO publishes new guidance on special category data

On November 14, 2019, the UK Information Commissioner’s Office (ICO) published detailed guidance on the processing of special category data.

The guidance sets out

  • what are the special categories of data,
  • the rules that apply to the processing of special category data under the General Data Protection Regulation (GDPR) and UK Data Protection Act 2018 (DPA);
  • the conditions for processing special category data; and
  • additional guidance on the substantial public interest condition, including what is an “appropriate policy document”.

Source: UK ICO publishes new guidance on special category data

The ICO are owed £7m in unpaid fines

The Information Commissioner’s Office (ICO) are struggling to collect monetary penalties from organisations it has fined since 2015.

152 fines have been issued since 2015, equating to £16.6 million – however, 30% are still unpaid which amounts to over £7 million.

Fines handed to charities and public organisations have all been paid, however the main culprits for non-payment are in the claims management industry. The industry has received a total of £3.2 million in fines, yet only £490,000 has been collected, and an overwhelming 84% remains unpaid.

Source: #Privacy: The ICO are owed £7m in unpaid fines

UK’s data regulator again warns ad tech over GDPR compliance

U.K. data protection authority, The Information Commissioner’s Office, has stepped up its warning for the ad tech industry to get its house in order quickly if it is to comply with the European Union’s General Data Protection Regulation (GDPR) and avoid heavy fines.

The ICO held an “ad tech fact-finding forum” in London on Tuesday. It discussed the data protection watchdog’s latest findings since it released a report in June taking the ad tech and real-time bidding marketplace to task on GDPR compliance and giving the industry six months to clean up its act. This summer the ICO said the industry’s current real-time bidding protocols violate GDPR. At the time, the ICO outlined “key areas of concern” including issues such as companies’ treatment of sensitive, “special category” data and the often substandard contractual agreements to protect how bid-request data is shared between vendors.

Source: UK’s data regulator again warns ad tech over GDPR compliance – Digiday

ICO concerned by mass health data-sharing with advertisers

The UK’s data regulator has expressed deep concerns over reports that some of the most popular health websites are sharing sensitive data with advertisers across the world.

The majority of prominent health websites embed tracking cookies in users’ browsers without explicit consent to allow third-party companies to track them while surfing the internet.

This data is then transmitted to a swathe of advertising platforms including Amazon and Facebook, with the majority of data sent to Google’s DoubleClick targeted ad platform. This includes information like medical symptoms, diagnoses, drug names and fertility information.

Source: ICO concerned by mass health data-sharing with advertisers | IT PRO

UK’s DPA: police should think over live facial recognition technology

How far should we, as a society, consent to police forces reducing our privacy in order to keep us safe?

The current combination of laws, codes and practices relating to live facial recognition (LFR) will not drive the ethical and legal approach that’s needed to truly manage the risk that this technology presents.

The absence of a statutory code that speaks to the specific challenges posed by LFR will increase the likelihood of legal failures and undermine public confidence in its use.

Full article: Blog: Live facial recognition technology – police forces need to slow down and justify its use | ICO

Facebook accepts Cambridge Analytica fine

Facebook has said it will pay the £500,000 financial penalty that the social network was issued by the UK’s data privacy watchdog, the Information Commissioner’s Office (ICO).

The fine came as a result of Facebook’s role in the Cambridge Analytica scandal, news of which first broke in March 2018.

Source: #Privacy: Facebook accepts ICO Cambridge Analytica fine

The ICO Updates Its Data Sharing Code of Practice

On 9 July 2019 the UK data protection authority (ICO) updated its Data Sharing Code of Practice (first published in 2011).

The Code is publicly available for consultation until 9 September 2019. Once finalised, the Code will become a statutory code of practice under the DPA. Non-compliance with the code will likely be considered non-compliance with data protection laws.

Source: The ICO Updates Its Data Sharing Code of Practice

ICO Launches Public Consultation on New Data Sharing Code of Practice

On July 16, 2019, the UK’s Information Commissioner’s Office (ICO) released a new draft Data sharing code of practice, which provides practical guidance for organizations on how to share personal data in a manner that complies with data protection laws.

The draft Code focuses on the sharing of personal data between controllers, with a section referring to other ICO guidance on engaging processors. The draft Code reiterates a number of legal requirements from the GDPR and DPA, while also including good practice recommendations to encourage compliance.

Source: ICO Launches Public Consultation on New Data Sharing Code of Practice

ICO opens consultation on the draft data sharing code of practice

The updated draft code of practice will explain and advise on changes to data protection legislation where these changes are relevant to data sharing. It will address many aspects of the new legislation including transparency, lawful bases for processing, the new accountability principle and the requirement to record processing activities.

The updated draft code is now out for public consultation and will remain open until Monday 9 September 2019.

You can respond to the consultation via our online survey, or you can download the document below and email datasharingcode@ico.org.uk.

Source: ICO consultation on the draft data sharing code of practice | ICO

1 2 3 16