Free tools and resources for Data Protection Officers!

Tag Archives for " UK "

EDPB releases information note in the event of a “No-deal Brexit”

On February 12, 2019, the European Data Protection Board (“EDPB”) published two information notes to highlight the impact of a so-called “No-deal Brexit” on data transfers under the EU General Data Protection Regulation (“GDPR”), as well as the impact on organizations that have selected the UK Information Commissioner (“ICO”) as their “lead supervisory authority” for their “Binding Corporate Rules” (“BCRs”).

Source: EDPB releases information note in the event of a “No-deal Brexit”

Nearly half of UK small businesses believe a cyberattack could close their business

Every second small and medium-sized business in the UK could be forced to close if they were hit by a major cyberattack, a new study suggests.

The report, titled “Size Does Matter,” details the challenging climate for UK SMBs in a time of rapid political, economic and social change.

Full article: Nearly half of UK small businesses believe a cyberattack could close their business

ICO releases discussion paper on regulatory sandbox

UK data protection authority ICO have published regulatory sandbox discussion paper which explains to potential participants how ICO sees the sandbox working in practice. The paper sets out our thinking so far – from early engagement through to application, sandbox entry and, ultimately, exit.

Source: Blog: ICO regulatory sandbox | ICO

Company closure and 4-year ban for director after marketing regulation breach

A director of a lead generating service has been banned for four years after failing to ensure his company complied with text message regulations.

Lad Media Limited sent over 393,000 SMS messages were sent to members of the public, including to individuals whom had withdrawn their consent regarding the receipt of marketing texts or calls.

Irrespective of Lad Media’s claim that the illegal marketing had not been their fault, but was instead due to the actions of third parties, the ICO imposed a fine of £20,000.

Source: Company closure and 4-year ban for director after marketing regulation breach

Irish watchdog issues ‘no deal’ Brexit data transfers guidance

Businesses in Ireland have been urged to ensure that their transfer of personal data to the UK in a ‘no deal’ Brexit scenario is compliant with data protection law.

The guidance was issued by the Data Protection Commission (DPC) in Ireland and highlighted the use of standard contract clauses (SCCs) endorsed by the European Commission as a means of ensuring compliance, but a data protection law experts have warned that the use of SCCs alone may not be sufficient for Irish company to demonstrate compliance.

Source: Irish watchdog issues ‘no deal’ Brexit data transfers guidance

UK: Liability Limits for GDPR in commercial contracts – the law and recent trends

Given the potential financial exposure under GDPR, it is no surprise that a great deal of time is being spent working out how to allocate the risk and liability when negotiating commercial contracts. Here is our take on the underlying law and the recent trends.

Full article: UK: Liability Limits for GDPR in commercial contracts – the law and recent trends

EU DPAs urged to act against online ad auctions

Panoptykon Foundation, the Warsaw based digital rights organization, has joined in the complaints filed in the UK and Ireland in September by Jim Killock of the Open Rights Group, Michael Veale of University College London, and Dr Johnny Ryan of Brave.

Together, the complainants in Ireland, Poland, and the UK, have also filed new evidence today with the national data protection authorities of Ireland, Poland, and the United Kingdom, that reveals how ad auction companies, including Google, unlawfully profile Internet users’ religious beliefs, ethnicities, diseases, disabilities, and sexual orientation.

Full article: Update on GDPR complaint (RTB ad auctions)

“No Deal” Brexit May Bring Practical Problems for Privacy and Data Protection

With a “No Deal” Brexit seeming more likely than ever after the UK Parliament voted down a proposed deal in January 2019, concerns are rapidly multiplying about the effects of such a withdrawal from the EU for organizations doing business in the UK, and how those organizations will address numerous practical issues, privacy and data protection among them.

Full article: “No Deal” Brexit May Bring Practical Problems for Privacy and Data Protection

1 2 3 34
>