Download free GDPR compliance checklist!

Tag Archives for " UK "

Brexit Party under investigation for ‘failing to hand over personal data’

An investigation into Nigel Farage’s party has been launched by the Information Commissioner’s Office.

The Information Commissioner’s Office (ICO) launched the investigation in response to complaints the Brexit Party had failed to answer requests for data.

Source: Brexit Party under investigation for ‘failing to hand over personal data’ | Science & Tech News | Sky News

UK’s data regulator again warns ad tech over GDPR compliance

U.K. data protection authority, The Information Commissioner’s Office, has stepped up its warning for the ad tech industry to get its house in order quickly if it is to comply with the European Union’s General Data Protection Regulation (GDPR) and avoid heavy fines.

The ICO held an “ad tech fact-finding forum” in London on Tuesday. It discussed the data protection watchdog’s latest findings since it released a report in June taking the ad tech and real-time bidding marketplace to task on GDPR compliance and giving the industry six months to clean up its act. This summer the ICO said the industry’s current real-time bidding protocols violate GDPR. At the time, the ICO outlined “key areas of concern” including issues such as companies’ treatment of sensitive, “special category” data and the often substandard contractual agreements to protect how bid-request data is shared between vendors.

Source: UK’s data regulator again warns ad tech over GDPR compliance – Digiday

ICO concerned by mass health data-sharing with advertisers

The UK’s data regulator has expressed deep concerns over reports that some of the most popular health websites are sharing sensitive data with advertisers across the world.

The majority of prominent health websites embed tracking cookies in users’ browsers without explicit consent to allow third-party companies to track them while surfing the internet.

This data is then transmitted to a swathe of advertising platforms including Amazon and Facebook, with the majority of data sent to Google’s DoubleClick targeted ad platform. This includes information like medical symptoms, diagnoses, drug names and fertility information.

Source: ICO concerned by mass health data-sharing with advertisers | IT PRO

Regulating Facial Recognition Tech – Where Are We Now?

While there are clearly now multiple efforts to curtail the use of facial recognition technology (FRT) in the public realm, the reality is that the genie is already out of the bottle and there is no way to put it back.

The efforts above range from limited bans within the public sector, to reviews of new implementations of the tech, to specific court cases against police use of FRT. In short, it’s a patchwork of efforts, and there are huge gaps between them. Many examples also tend to focus on State-backed projects, rather than in the private sector – which is also experimenting with the tech, often in the public domain.

Meanwhile, the technology and its use is still rapidly spreading around the world, and there remains as yet no fully tested national position on its use in countries such as the US and UK.

Full article: Regulating Facial Recognition Tech – Where Are We Now? – Artificial Lawyer

UK Government Faces Court Over ‘Biased’ Visa Algorithm

The UK’s Home Office is facing a landmark Judicial Review to reveal how an algorithm it uses to triage visa applications works – in what appears to be the first case of its kind here, and which could open up a series of future similar demands in the public and private sectors if successful.

The legal challenge has been launched by campaign groups Foxglove – which focuses on legal rights in relation to the abuse of technology – and the Joint Council for the Welfare of Immigrants. They believe the algorithm ‘may be discriminating on the basis of crude characteristics like nationality or age – rather than assessing applicants fairly, on the merits‘.

Source: UK Government Faces Court Over ‘Biased’ Visa Algorithm – Artificial Lawyer

UK’s DPA: police should think over live facial recognition technology

How far should we, as a society, consent to police forces reducing our privacy in order to keep us safe?

The current combination of laws, codes and practices relating to live facial recognition (LFR) will not drive the ethical and legal approach that’s needed to truly manage the risk that this technology presents.

The absence of a statutory code that speaks to the specific challenges posed by LFR will increase the likelihood of legal failures and undermine public confidence in its use.

Full article: Blog: Live facial recognition technology – police forces need to slow down and justify its use | ICO

Facebook accepts Cambridge Analytica fine

Facebook has said it will pay the £500,000 financial penalty that the social network was issued by the UK’s data privacy watchdog, the Information Commissioner’s Office (ICO).

The fine came as a result of Facebook’s role in the Cambridge Analytica scandal, news of which first broke in March 2018.

Source: #Privacy: Facebook accepts ICO Cambridge Analytica fine

Potential Brexit deal reached; data transfers remain, for now

More than three years after the U.K. voted in a referendum to leave the EU, a proposed Brexit deal is on the table just weeks ahead of an Oct. 31 deadline.

European Commission President Jean-Claude Juncker confirmed a deal had been reached. U.K. Parliament will vote on it this Saturday, Oct. 19.

The draft text of the deal released Thursday includes a section near the top on data protection, stating, “In view of the importance of data flows and exchanges across the future relationship, the Parties are committed to ensuring a high level of personal data protection to facilitate such flows between them.”

Source: Potential Brexit deal reached; data transfers remain, for now

Major breach found in biometrics system used by banks, UK police and defence firms

The fingerprints of over 1 million people, as well as facial recognition information, unencrypted usernames and passwords, and personal information of employees, was discovered on a publicly accessible database for a company used by the likes of the UK Metropolitan police, defence contractors and banks.

Suprema is the security company responsible for the web-based Biostar 2 biometrics lock system that allows centralised control for access to secure facilities like warehouses or office buildings. Biostar 2 uses fingerprints and facial recognition as part of its means of identifying people attempting to gain access to buildings.

Recently Biostar 2 platform was integrated into another access control system – AEOS, that is used by 5,700 organisations in 83 countries, including governments, banks and the UK Metropolitan police. In a search last week, the researchers found Biostar 2’s database was unprotected and mostly unencrypted.

Source: Major breach found in biometrics system used by banks, UK police and defence firms | Technology | The Guardian

The role of the UK representative post-Brexit

If the United Kingdom leaves the European Union without a deal Nov. 1, it will automatically cease to be a member of the EU. U.K.-based companies will no longer be regulated under the EU General Data Protection Regulation.

The two most significant effects of this are that data transfers between the U.K. and the EU will be affected, and companies may need to appoint an extra EU representative.

Full article: The role of the UK representative post-Brexit