fbpx

Free tools and resources for Data Protection Officers!

Tag Archives for " ICO "

The ICO Updates Its Data Sharing Code of Practice

On 9 July 2019 the UK data protection authority (ICO) updated its Data Sharing Code of Practice (first published in 2011).

The Code is publicly available for consultation until 9 September 2019. Once finalised, the Code will become a statutory code of practice under the DPA. Non-compliance with the code will likely be considered non-compliance with data protection laws.

Source: The ICO Updates Its Data Sharing Code of Practice

ICO Launches Public Consultation on New Data Sharing Code of Practice

On July 16, 2019, the UK’s Information Commissioner’s Office (ICO) released a new draft Data sharing code of practice, which provides practical guidance for organizations on how to share personal data in a manner that complies with data protection laws.

The draft Code focuses on the sharing of personal data between controllers, with a section referring to other ICO guidance on engaging processors. The draft Code reiterates a number of legal requirements from the GDPR and DPA, while also including good practice recommendations to encourage compliance.

Source: ICO Launches Public Consultation on New Data Sharing Code of Practice

ICO opens consultation on the draft data sharing code of practice

The updated draft code of practice will explain and advise on changes to data protection legislation where these changes are relevant to data sharing. It will address many aspects of the new legislation including transparency, lawful bases for processing, the new accountability principle and the requirement to record processing activities.

The updated draft code is now out for public consultation and will remain open until Monday 9 September 2019.

You can respond to the consultation via our online survey, or you can download the document below and email datasharingcode@ico.org.uk.

Source: ICO consultation on the draft data sharing code of practice | ICO

Whistleblower data breach reports almost triple after GDPR crackdown

Whistleblower reports over data breaches have almost tripled over the past year since the introduction of GDPR.

Reports from whistleblowers over data protection surged by 175% to 379 in the year to May 2019, from 138 a year earlier, according to research from City law firm RPC.

The firm said that the introduction GDPR in May 2018 has made people more vigilant over the handling of personal data, increasing the number of reports to the Information Commissioner’s Office (ICO).

Source: Whistleblower data breach reports almost triple after GDPR crackdown

ICO publishes annual report

UK’s data protection authority – Information Commissioner’s Office – has released its annual report.

Highlights from 12 months to 31 March 2019 include:

  • Data protection complaints received by the ICO increased from 21,019 in 2017/18 to 41,661 in 2018/19
  • Helping organisations, small or large, embed the GDPR and DPA 2018
  • Preparation of statutory codes focusing on age appropriate design, data sharing, direct marketing, and data protection and journalism.
  • Using new powers of inspection – issuing 11 assessment notices in conjunction with our investigations into data analytics for political purposes, political parties, data brokers, credit reference agencies and others
  • 2018/19 was a record-breaking year of monetary penalties under the DPA 1998.

Source: ICO publishes annual report covering an ‘unprecedented’ year | ICO

Businesses more reliant on ICO as data breach reports explode

The UK data regulator has revealed its staff received four times as many reports of personal data breaches during an “unprecedented” 2018/19 against the previous financial year.

Similarly, the number of complaints received from the public rose from 21,019 in 2017/18 to 41,661, according to figures revealed in the UK’s Information Commissioner’s Office (ICO) annual report. Organisations were also twice as reliant on the ICO for advice or guidance during 2018/19.

Source: Businesses more reliant on ICO as data breach reports explode | IT PRO

ICO intends to fine Marriott International, Inc more than £99m for data breach

Marriott International has received a notification from the Information Commissioner’s Office (ICO) of its intention to fine the company £99,200,396.

In November 2018, Marriott had disclosed that their Starwood reservation database had been compromised between 2014 and 2018. The breach resulted in approximately 339 million guest records globally being exposed.

Source: ICO intends to fine Marriott International, Inc more than £99m for data breach

Cookie consent – What “good” compliance looks like according to the ICO

On 3 July 2019, the UK data protection authority (the ICO) updated its guidance on the rules that apply to the use of cookies and other similar technologies.

The ICO has also changed the cookie control mechanism on its own website to mirror the changes in the new guidance.

Full article: Cookie consent – What “good” compliance looks like according to the ICO

ICO publishes update report on adtech

For several months ICO has been reviewing how personal data is used in real time bidding (RTB) in programmatic advertising, engaging with key stakeholders directly to understand the views and concerns of those involved.

As a result of research, ICO published Update report into adtech and real time bidding which summarises findings so far. If you operate in the adtech space, it’s time to look at what you’re doing now, and to assess how you use personal data.

Source: Blog: ICO Adtech update report published following industry engagement | ICO

ICO admits its own cookie policy is non-compliant with GDPR

The Information Commissioners Office has admitted that its current consent notice relating to the use of cookies on devices failed “to meet the required GDPR standard”.

The issue relates to the automatic placing of cookies on a user’s mobile device when accessing the ICO’s website, which one complaint argued was in breach of the Privacy and Electronic Communications Regulations 2003, which sits alongside GDPR.

Source: ICO admits its own cookie policy is non-compliant with GDPR | IT PRO

1 2 3 15
>