Your Front Page For Information Governance News
Analysis and Commentary about Global Data Protection Laws, Including GDPR, FOI, Cyber Security and Surveillance
The old Data Protection Act 1998 not only gave Data Subjects a right to see their personal data held on computer but also that which was held on paper records which were held in a “relevant filing system”. A recent case, albeit under the DPA 1998, has an impact on the way Data Controllers deal … Continue reading “Subject Access Requests for Paper Records”
Organisations with a role in preventing and detecting crime (e.g. councils, police, regulatory bodies etc.) not only have to comply with GDPR but also Part 3 of the Data Protection Act 2018 (DPA 2018) which applies to the processing of personal data for law enforcement purposes. This is a complex task requiring, amongst other things, … Continue reading “Act Now launches Law Enforcement Data Processing Policy Pack (Part 3 DPA 2018)”
This week we saw the Information Commissioner’s Office (ICO) finally signal its intention to use its powers to issue to issue Monetary Penalty Notices (fines) under the General Data Protection Regulation (GDPR). Two Notices of Intent have been issued. Both relate to cyber security incidents but are for different reasons and amounts. Under the GDPR, … Continue reading “The BA and Marriot Data Breaches: The ICO takes its gloves off!”
At the end of 2018 Act Now announced the launch of its new FOI Practitioner Certificate. In keeping with the company’s ethos of delivering on the ground practical training, the new course is designed to meet the needs of practitioners and to enable them to fulfil their roles as FOI Officers. Act Now is pleased … Continue reading “Act Now’s FOI Practitioner Certificate: The Story So Far”
The social housing sector already prides itself on being open and accountable to tenants. But from 11 November 2019, registered social landlords (RSLs) in Scotland will acquire new transparency obligations under the Freedom of Information (Scotland) Act 2002 (FOISA). After years of debate and the robust recommendation of successive Scottish Information Commissioners, that housing associations should … Continue reading “Freedom of Information comes to Scottish Registered Social Landlords”
The Data Protection Act 2018 (DPA 2018) came into force on 25th May 2018, alongside the General Data Protection Regulation (GDPR). Much has been written about it, both right and wrong. The purpose of the DPA 2018 is nicely summarised by the Information Commissioner in her blog: “The new Act updates data protection laws in the UK, and … Continue reading “The Data Protection Act 2018 – Pre and Post Brexit”
Act Now is pleased to announce the launch of its brand new FOI Practitioner Certificate. This course is one of the first of its kind, in a way that only Act Now delivers – practical, on the ground skills to help you fulfil your role as an FOI Officer. This new certificate course is … Continue reading “Act Now Launches New FOI Practitioner Certificate”
On 24th October the Information Commissioner imposed a fine (monetary penalty) of £500,000 on Facebook Ireland and Facebook Inc (which is based in California, USA) for breaches of the Data Protection Act 1998. In doing so the Commissioner levied the maximum fine that she could under the now repealed DPA 1998. Her verdict was that the fine … Continue reading “The Facebook Data Breach Fine Explained”
As more individuals become aware of the way in which organisations such as Facebook, and Google have used their personal data unlawfully, then the prospect of litigation, and class actions, seems increasingly likely. However, the recent case of Lloyd v Google [2018] EWHC 2599 (QB) demonstrates that it doesn’t necessarily follow that a clear … Continue reading “Google v Lloyd- Representative action for damages fails under the DPA 1998”
On 20th September the Information Commissioner issued Equifax Ltd with a £500, 000 monetary penalty, the biggest fine it has issued to date, and the maximum allowed under the Data Protection Act 1998. Although half a million pounds might sound a significant amount of money, it represents a relatively modest amount compared to the fine the … Continue reading “Equifax Ltd fined £500,000 for significant breaches of the DPA 1998”
