Your Front Page For Information Governance News
Analysis and Commentary about Data Protection, GDPR, FOI, Cyber Security and Surveillance laws
2023 is going to be the year of AI. In January, Microsoft announced a multibillion dollar investment in OpenAI, the company behind image generation tool Dall-E and the chatbot ChatGPT. The public sector is increasingly leveraging the power of AI to undertake administrative tasks and create more tailored services that meet users’ needs. The term “artificial intelligence” or “AI” refers to … Continue reading “GDPR and AI: The Rise of the Machines”
On 4th January 2023, Ireland’s Data Protection Commission (DPC) announced the conclusion of two inquiries into the data processing operations of Meta Platforms Ireland Limited (“Meta Ireland”) in connection with the delivery of its Facebook and Instagram services. Not only does this decision significantly limit Meta’s ability to gather information from its users to tailor and … Continue reading “Mega GDPR Fines for Meta”
What is happening with the Government’s proposal for UK GDPR reform? Just like Donald Trump’s predicted “Red Wave” in the US Mid Term Elections, it’s turning out to be a bit of a ripple! In July the Boris Johnson Government, published the Data Protection and Digital Information Bill. This was supposed to be the next step … Continue reading “UK GDPR Reform: Will There Be A New Consultation?”
This month the UK Information Commissioner’s Office has issued two fines and one Notice of Intent under GDPR. The latest fine is three times more than that imposed on Easylife Ltd on 5th October. Yesterday, Interserve Group Ltd was fined £4.4 million for failing to keep personal information of its staff secure. The ICO found that … Continue reading “£4.4 Million GDPR Fine for Construction Company “
On 3rd October 2022, during the Conservative Party Conference, Michelle Donelan, the new Secretary for State for Digital, Culture, Media and Sport (DCMS), made a speech announcing a plan to replace the UK GDPR with a new “British data protection system”. Just as we are all getting to grips with the (relatively new) UK GDPR, do we want more change … Continue reading “Back To The Future For UK GDPR?”
On 28th September 2022, the Information Commissioner’s Office announced it is taking action against seven organisations for delays in dealing with Subject Access Requests(SARs). This includes government departments, local authorities and a communications company. The seven organisations were identified following a series of complaints in relation to multiple failures to respond to requests for copies of personal information … Continue reading “ICO Takes Action Against GDPR Subject Access Delays”
On 5th October, the Information Commissioner’s Office (ICO) issued a GDPR Monetary Penalty Notice in the sum of £1,350,000 to Easylife Ltd. The catalogue retailer was found to have been using 145,400 customers personal data to predict their medical condition and then, without their consent, targeting them with health-related products. This latest ICO fine is interesting but not because of the amount involved. … Continue reading “£1.35 Million GDPR Fine for Catalogue Retailer”
On 26 September 2022, TikTok was issued with a Notice of Intent under the GDPR by the Information Commissioner’s Office (ICO). The video-sharing platform faces a £27 million fine after an ICO investigation found that the company may have breached UK data protection law. The notice sets out the ICO’s provisional view that TikTok breached … Continue reading “TikTok Faces a £27 Million GDPR Fine”
In July the Government published the Data Protection and Digital Information Bill, the next step in its much publicised plans to reform the UK Data Protection regime following Brexit. In the Government’s response to the September 2021 consultation (“Data: A New Direction”) it said it intended “to create an ambitious, pro-growth and innovation-friendly data protection regime that underpins the … Continue reading “The Data Protection and Digital Information Bill: A new UK GDPR?”
Since May 25th 2018, the Information Commissioner’s Office (ICO) has issued ten GDPR fines. The latest was issued on 30th June 2022 to Tavistock and Portman NHS Foundation Trust for £78,400. The Trust had accidentally revealing 1,781 adult gender identity patients’ email addresses when sending out an email. This is the second ICO fine issued to a Data Controller in these circumstances. In … Continue reading “A New GDPR Fine and a New ICO Enforcement Approach”
