Monthly Archives December 2014

Cowboy marketers face record fines in the New Year

Cowboy-marketersCurrent law

Under EU Privacy and Electronic Communications Regulations (PECR), organisations and companies are prohibited from transmitting or instigating the transmission of unsolicited electronic communications to consumers for the purposes of direct marketing unless the person receiving those communications has provided prior consent for the messages to be sent.

Companies also mustn’t disguise or conceal their identity in the messages or use invalid addresses where recipients of the messages would send responses to ask for the messages to stop being sent.

Marketers can send direct marketing via electronic mail to consumers if they have “obtained the contact details of the recipient of that electronic mail in the course of the sale or negotiations for the sale of a product or service t...

Read More

Google hit with threat of massive fine by Dutch Regulator for data breach

Google AccountAs reported in the Financial Times (London, 15 December 2015), Google faces its largest ever fine from a European regulator after the Dutch Data Protection Agency threatened Google with a €15m fine over the way its stores personal data.

The Dutch Regulator demanded that Google asks users for “unambiguous consent” before it can share their personal details between its services, such as Google Maps and YouTube, the video-sharing site.

It also mandated that the company clarify its privacy policy so users know which bits of personal data are used by its different services.

The ruling comes in the wake of the meeting of Council of Ministers that are looking at ways of making it easier and simpler for trans-border actions to be brought against data controllers by directing complainants to...

Read More

Sony try to shut the stable door after the horse has bolted. It may not work.

Sony PictureTri_Star_pictures_flying_horses Entertainment (SPE) has warned media owners they could face legal action for substantial damages if they report the contents of stolen documents that were leaked online following a cyber-attack on Sony in November 2014.

In a blunt letter written by a top US law firm, SPE has requested media organisations including The New York Times, Wall Street Journal, Bloomberg News and The Hollywood Reporter to destroy “stolen information” which includes documents, personal data and emails that’s sensitive data that is now presumed to be in the public domain.

In a thinly veiled threat, the letter warned: “If you don’t comply with this request and the stolen information is used or disseminated by you in any manner, SPE will have no choice but to hold you responsible for any damag...

Read More

FREE SEMINAR – JANUARY 2015

City of LondonMany organisations are now very concerned about the likely impact of the forthcoming EU General Data Protection Regulation. This new legislation represents the first major overhaul of data protection legislation since the 90’s and is a response to the significant privacy issues arising from the rapid developments in data management, cloud hosting and social networking.

The new rules will require ALL companies – big and small – to manage data access and privacy with greater stringency, carrying very significant penalties for failing to do so. This new data requirement affects every financial services company in all EU Member States. It isn’t just a compliance issue, but rather goes to the heart of your sales and marketing strategies.

The Worshipful Company of Marketors and the Finan...

Read More

Unlocking the power of direct marketing under the new EU Regulation

EU data protection keyAt a meeting of the Justice and Home Affairs, part of the EU Council of Ministers that took place on 4-5 December 2014, the forthcoming EU General Data Protection Regulation took a further step to becoming adopted across all 28 EU Member States.

The meeting, attended by Chris Grayling, Lord Chancellor and Teresa May, Home Secretary and chaired by Andrea Orlando, Italian Minister of Justice and President of the Council marks a tipping point in the harmonization of data protection laws across all 28 EU Member States.

At that meeting, the EU Council of Ministers gained partial consensus on two important and inter-related points with respect to data security and protection that sits at the heart of the proposed EU Regulation: a general EU framework for data protection and a ‘one-stop shop’ (O...

Read More

What is meant by “data breach”?

Hacker typing on a laptopThis was the subject of discussion with Martin Hickley, a leading expert on all things cyber-crime and data protection related. Martin will be speaking at a special event that I’m chairing on 27 January 2015 at Cass Business School that will examine the impact of the EU General Data Protection Regulation on the financial services sector and what should be done in this current transition period ahead of the EU Regulation being activated across the European Union, possibly next year.

Two words dominated the conversation with Martin: DATA BREACH.

This is a term that’s being used frequently in the media and elsewhere and indeed is referred in the current Data Protection Act 1998 as well as the forthcoming EU Regulation...

Read More