Error: Can't connect Warning: mysqli_query() expects parameter 1 to be mysqli, null given in /home/customer/www/hsfnotes.com/public_html/wp-content/themes/hsfnotes/template-parts/tpl_filters.php on line 186
Warning: mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, null given in /home/customer/www/hsfnotes.com/public_html/wp-content/themes/hsfnotes/template-parts/tpl_filters.php on line 187
The ICO has fined British Airways £20 million for breach of the GDPR in relation to its 2018 data breach. This is a significant reduction in the original proposed fine of £183 million. In the monetary penalty notice issued to British Airways, the ICO has confirmed that the reduction of almost 90% was only partially … Read more
The Information Commissioner’s Office in the UK (the “ICO”) has published for consultation its draft statutory guidance setting out how it will regulate and enforce data protection legislation in the UK. The document explains all of the ICO’s key powers (including information notices, assessment notices, enforcement notices and penalty notices). Perhaps most interestingly for organisations, … Read more
On 17 April 2020, the ICO published an opinion by the Information Commissioner (the “Commissioner”) on Apple and Google’s joint initiative to develop COVID-19 contact tracing technology (the “Opinion”, available here). Summary The Commissioner found the CTF to be aligned with principles of data protection by design and by default. Controllers designing contact tracing apps … Read more
The ICO has published details of its regulatory approach during the ongoing COVID-19 emergency; this is an approach which should reassure entities who are adapting to the economic and practical realities of operating in the current climate, as well as balancing their data protection obligations. The UK regulator has continued to be reasonable and pragmatic, … Read more
Given the COVID-19 crisis, it is likely that data protection may no longer at the forefront of every controller’s mind, and rather, that business continuity has taken precedence. Acknowledging this shift and the need for companies to divert business as usual resources to their response to the crisis, the ICO has published two articles on … Read more
Following a public consultation on its draft code of practice with parents, children, schools, children’s campaign groups, developers, tech and gaming companies and online service providers which closed on 31 May 2019, the Information Commissioner’s Office (ICO) submitted its Age-appropriate design Code of Practice on 12 November 2019 but due to restrictions in the pre-election … Read more
What better day than today, International Data Privacy Day, to explore what 2020 is likely to have in store for data and privacy? Almost two years ago the EU General Data Protection Regulation (GDPR) thrust data and privacy issues firmly in the spotlight, where they remain. With attention having shifted from guidance to enforcement, this article … Read more
The ICO (the UK privacy regulator) has published draft guidance on the right of individuals under the GDPR to access their data. Key takeaways include: An acknowledgement that subject access requests can be burdensome, with a requirement to ‘make extensive efforts’ to locate and retrieve information and confirmation that a significant burden does not make … Read more
The Information Commissioner’s Office in the UK (ICO) has announced an investigation into the use of facial recognition technology following a string of high profile uses. Prior to the results of this investigation, companies using facial recognition technology should: undertake a balancing test to ensure proportionality in the use of such technology, acknowledging its intrusiveness; … Read more
