fbpx

Download free GDPR compliance checklist!

Tag Archives for " UK "

UK data watchdog having a hard time making GDPR fines stick

British Airways expects the fine for its 2018 credit card data leak to be just 10.8 per cent of the £183m proposed by the UK data watchdog – while US hotel chain Marriott has both halved and kicked its own data blunder punishment into the long grass once again.

Mishcon’s Baines pondered whether the amount of ICO effort devoted to the two cases had disrupted its other data protection enforcement work: “One wonders if the effect of the BA and Marriott investigations has also been to cause work on other enforcement action to be paused, or at least delayed,” he mused, referring to boasts from Information Commissioner Elizabeth Denham last year that she was about to announce more big GDPR fines.

Source: UK data watchdog having a hard time making GDPR fines stick: Marriott scores another extension, BA prepares to pay 11% of £183m penalty threat • The Register

EDPB Adopts Information Note on BCRs in Preparation for Brexit

On July 22, 2020, the European Data Protection Board (the “EDPB”) adopted an information note (the “Note”) to assist organizations relying on Binding Corporate Rules (“BCRs”) for international personal data transfers, as well as supervisory authorities, in preparing for the end of the Brexit implementation period on December 31, 2020.

The Note is provided specifically for those groups of undertakings and enterprises that have the UK Information Commissioner’s Office (“ICO”) as the competent supervisory authority for their BCRs.

Source: EDPB Adopts Information Note on BCRs in Preparation for Brexit

Uber Drivers Sue to Gain Access to its Secret Algorithms

Uber’s power lies In information asymmetry. This EU court case could help end it.

Four United Kingdom Uber drivers launched a lawsuit Monday to gain access to Uber’s algorithms through Europe’s General Data Protection Regulation (GDPR) in a bid that could reshape the gig economy landscape across Europe.

Source: Uber Drivers Sue to Gain Access to its Secret Algorithms

EDPB clarifies Brexit obligations for holders of Binding Corporate Rules which have the UK ICO as their lead authority

On July 22, 2020, the European Data Protection Board (EDPB) released an information note on Binding Corporate Rules (BCRs), which provides guidance for groups of undertakings/enterprises which have the UK Information Commissioner’s Office (ICO) as their competent supervisory authority.

As a consequence of Brexit, BCR holders having the ICO as their BCR Lead Supervisory Authority (SA) need to identify a new BCR Lead SA in the EEA  and must amend their BCRs before the end of the Brexit transition period.

Source: EDPB clarifies Brexit obligations for holders of Binding Corporate Rules which have the UK ICO as their lead authority

UK Government admits breaking privacy law with NHS test and trace

Ministers accused of reckless behaviour over roll-out, with Guardian learning of data breaches.

The UK government broke the law in rolling out its test-and-trace programme without a full assessment of the privacy implications, the Department of Health and Social Care has admitted after a legal challenge.

Source: Government admits breaking privacy law with NHS test and trace

EC issues data advice as Brexit approaches

The European Commission (EC) is urging businesses and public bodies to take all necessary steps to ensure compliance of any personal data transfers between the UK European Union after the Brexit transition ends on 31 December.

“Compliance can be achieved by having appropriate safeguards in place as foreseen by the General Data Protection Regulation [GDPR], including binding corporate rules or through specific derogations,” the EC said in a document to help companies and others to prepare for the changes after the transition period.

Source: EC issues data advice as Brexit approaches

UK and Aussie privacy watchdogs to investigate Clearview AI

Privacy authorities in the UK and Australia have announced a joint investigation into Clearview AI, a US firm which provides facial recognition technologies.

The investigation will aim to understand whether the data scraping activities of Clearview AI are legal with respect to the Australian Privacy Act 1988 and the UK Data Protection Act 2018.

Source: UK and Aussie privacy watchdogs to investigate Clearview AI – Telecoms.com

UK government reported 500 personal data breaches to ICO in a year

Central government reported almost 500 personal data breaches to the Information Commissioner’s Office in the 2020 fiscal year, with one in ten requiring formal investigation and at least 10 incidents that have required the department in question to take remedial action.

During FY20, the regulator also received a collective tally of 1,006 data-breach reports from the local government sector. The overall number of reports filed across all sectors quadrupled following the introduction of GDPR, from 3,331 in 20178/18 to 13,840 the following year.

Source: EXCL: Whitehall departments reported 500 personal data breaches to ICO in FY20 | PublicTechnology.net

Police take too much data from victims’ phones, says watchdog

Police are extracting “excessive amounts of personal data” from the mobile phones of victims and witnesses during investigations and are in danger of discouraging the public from reporting crime, the Information Commissioner’s Office (ICO) has warned.

In a critical study of data extraction policies, the ICO concludes that procedures are inconsistent across forces in England and Wales and calls for a new statutory code of practice to provide “greater clarity”.

Source: Police take too much data from victims’ phones, says watchdog | Police | The Guardian

Tiktok to transfer data control to UK arm ahead of Brexit

Tiktok has said it will be moving ownership of its users’ data in Europe to local subsidiaries, in a boost to its British arm as it prepares for Brexit.

The social media app’s US parent Tiktok Inc will no longer manage and safeguard data for users based in the UK and the European Union. Instead, from 29 July, Tiktok Ireland will control the data of all users in the European Economic Area and Switzerland, while Tiktok UK will do the same for Britons.

Source: Tiktok to transfer data control to UK arm ahead of Brexit – CityAM : CityAM

1 2 3 47
>