UK GDPR and EU GDPR have introduced some stiff penalties for poor data protection practices. Prior to the introduction of these regulations, data protection fines didn’t really reflect the severity of poor compliance. For example, in the UK the Data Protection Act which provided far weaker rules on how data must be protected than the … Read more
The ICO’s recent enforcement action against Virgin Media shows us that some marketers are still failing to understand the ICO’s guidance on PECR. In this article we’ll look at the case, examine what went wrong and provide some simple solutions that can help you reduce your risk of making the same mistakes. On the 6th … Read more
The Log4j 2 exploit will have affected millions of organisations, potentially exposing customer data to hackers. As IT teams scramble to fix the patch, we ask what implications this may have for GDPR compliance? What security issue? A critical vulnerability has been discovered in Log4j 2, an open-source Java package used on Apache servers to … Read more
If you are using Google Forms to process the personal data of UK or EEA (European Economic Area) based citizens then you may be wondering if Google Forms is GDPR compliant? This is a good question to be asking, as poor GDPR compliance can lead to a fine, of up to 4% of your turnover … Read more
To comply with UK GDPR and EU GDPR it is necessary to understand the definition of personal data under GDPR. This is an area where there is often some confusion. While most of us understand that information like a name, or date of birth could be considered personal. Other information that could be linked to … Read more
Google Workspace has become a dominant force in the business productivity software market. The product, formerly known as G-Suite has reached mass adoption in the market, shaking off fierce competition from rival Microsoft’s Office365 – which has been arguably slow to the market, considering their prior dominance with the Microsoft Office suite. Official statistics on … Read more
Their aim is to improve alignment with the ePrivacy Directive (UK – PECR) and GDPR. Facebook announced via their newsroom on Thursday (23rd September 2021) that they will be changing their cookie consent controls within the European region for Facebook and Instagram users. The goal is to give users “a more granular level of control” … Read more
A round-up of some of the most recent data privacy decisions led by data protection authorities in Europe. United Kingdom The High Court of England and Wales held that controllers and processors outside of the EU that nominate a representative under Article 27 GDPR cannot outsource liability for breaches of the GDPR. The representative can … Read more
A new contender for the most ironic PECR fine yet has entered the ring: The Information Commissioner’s Office (ICO), in the United Kingdom, has fined Yes Consumer Solutions Limited (YCSL) £170,000 for making 188,493 unsolicited direct marketing calls to customers registered with the Telephone Preference Service (TPS). The fine follows an assessment under the Privacy … Read more
There are two tiers of fine under the EU-GDPR & UK-GDPR. The tiers are based on the type of violation and the type of data processing concerned. Most organisations fall within the lower-level tier. How is the value of the fine decided? Supervisory authorities consider multiple factors when deciding on the value of the fine … Read more
