The Information Commissioner’s Office (“ICO”) has made a provisional decision to fine a software provider more than £6 million. If the provisional decision is confirmed, it would mark the first case where the ICO impose a monetary penalty notice on a processor under the UK General Data Protection…
Data breaches: Is personal data held in your systems secure?
European Commission launches process on personal data flows to UK
In these working from home days, where weekdays seem to blend into weekends which melt into weekdays again, most of us don’t have the luxury of offices at home. Space is at a premium. Desks or dining room tables are shared. Papers are strewn across the floor. We…
The Court of Appeal has held that an individual can claim for compensation under section 13 of the Data Protection Act 1998 where a breach of the DPA results in a “loss or diminution of a right to control” their personal data. A claim of compensation would not require the…
The Information Commissioner’s Office (ICO) has changed their guidance on subject access requests (SARs), as well as other data subject requests relating to their individual rights such as rectification, erasure and data portability. We have referred to them throughout as “data subject requests” or “DSRs”. So what’s changed?…
The British Airways data breach The Information Commissioner’s Office (ICO) has given notice yesterday (Monday 8 July 2019) that it intends to fine British Airways over £183 million, for infringements of the General Data Protection Regulation (GDPR). The potential fine relates to a cyber incident in 2018, part…
It seems like yesterday everyone was amending their contracts to comply with the General Data Protection Regulation (GDPR). However, Brexit (assuming it happens!) is likely to bring with it yet more changes – and if the UK leaves without a deal, these changes are coming up fast. Parliament…