Category data protection

Do you still worship at the Temple of Big Data?

Major personal data breaches are happening at a rate of one a day – Equifax, BUPADeloitteNHSNottingham County CouncilIslington CouncilHCA Healthcare and many, many more. Wanna Cry? (I bet you do).

Do you live in fear of whether you’re next? It doesn’t have to be this way. We are transitioning to an era in which individuals have both the skills and the opportunities to choose how they manage and share their personal data to achieve a range of beneficial outcomes.

Digital evangelists like Stephen Deadman, Global Deputy Chief Privacy Officer at Facebook remains optimistic about the future, rather than terrified by it...

Read More

British data protection laws to criminalize breaches of GDPR

The British Government  has just announced (Monday 7 August 2017) that it will incorporate Directive 2016/679 (General Data Protection Regulation) along with specific derogations permitted under the GDPR as well as the Data Protection Law Enforcement Directive (DPLED) into UK law.

The move effectively repeals the current Data Protection Act 1998.

This follows a short consultation period (12 April – 10 May 2017) that called for views and which included 170 submissions from a wide range of professional bodies, legal and consumer groups, local government, technology companies, global organisations and academic institutions (7.1% of all respondents), including Henley Business School.

“Bringing EU law into our domestic law will ensure that we help to prepare the UK for the future after we ha...

Read More

New Data Protection Act announced in Queen’s Speech to be in alignment with GDPR

The British Government signalled its intention to replace the Data Protection Act 1998 with a new Data Protection Act that will be in alignment with the EU General Data Protection Regulation (GDPR). The Department for Culture, Media and Sport and the Home Office will be the relevant ‘Lead Departments’ overseeing the passage of the Data Protection Bill through Parliament.

“A new law will ensure that the United Kingdom retains its world-class regime protecting personal data”, said Her Majesty the Queen Elizabeth II in her speech to both the House of Commons and the House of Lords on Wednesday 21 June 2017.

The Bill will fulfil a manifesto commitment to ensure the UK has a data protection regime that is fit for the 21st century.

The Bill will ensure that our data protection framework ...

Read More

The myth of cyber security and why computers can never be secure

The BBC has run a wonderful news story about the development of what’s claimed to be the world’s most secure email service.

Created by US security tech entrepreneur Will Donaldson, Nomx makes the bold claim it uses the “world’s most secure communications protocol” to protect email messages.

The Nomx personal email server costs from £155 – £310 and claims that users can help to stop messages being copied and hacked as they travel to their destination across the Internet.

Too good to be true?

BBC News asked ex-hacker and now security researcher Scott Helme and computer security expert Prof Alan Woodward of Surrey University to test whether the product could provide 100% protection against hacking and interception.

The investigation started by taking the device apart to find that it was b...

Read More

FT Cyber Security Summit Europe – Wed 21 Sept 2016 (London)

Debate: “The European Union’s new data protection rules will impose unnecessary burdens on businesses – Yes or No?”

Business leaders are worried that the European Union’s General Data Protection Regulation (GDPR), scheduled to come into effect in early 2018, will seriously harm their commercial interests. It will force them to improve the privacy rights of EU citizens and report data breaches within three days, rules that will be difficult and costly to comply with. Penalties for non-compliance could be as high as 4% of global turnover. However, British businesses could be spared the hassle if Brexit means the UK does not implement the Regulation.

ft-cyber-security-conference-2016In what promises to be a contentious debate, two teams of experts will go head-to-head to argue For (“Yes”) or Against (“No”) the Mot...
Read More

Are you a Superhero?

Superman…-Saves-the-DayOne of the biggest changes in data protection and privacy to usher in the New Year with a bang is publication of the EU General Data Protection Regulation (GDPR) later this month. And it’s really important that all companies take the necessary steps to protect themselves from becoming liable for personal data breaches under this EU Regulation.

As reported extensively in this blog over the last 12 months, the GDPR will force all organisations to re-wire their thinking as well as their data protection policies and procedures for handling personal data under a fundamental change in European law.

Experience to date shows that effective training is the first line of defence and by far the best way to mitigate against the risks of being landed with a massive fine – which can be as high as €20m...

Read More

Watch out – there’s a Stealing Santa about!

Stealing SantaAt this time of year parents all over the world are busy working out what the latest electronic gadget they need to buy for their children before the Christmas rush makes these highly-prized toys out of stock. One of the biggest manufacturers is Chinese consumer giant VTECH that owns the Learning Lodge app store.

But this story doesn’t have a happy ending.

The customers’ secrets stored on the company’s data base have been hacked and according to security experts this amounts to 4.8m unique customer email addresses as well as names and download history.

According to reports, the company database was compromised on 14 November but it took a good 10 days before HKT (the owners of VTech) notified its customers.

Dear Valued Customer,

On November 24 HKT we discovered that an unauthorized p...

Read More

TalkTalk was heading for security chief before it was hacked

TalkTalk logoTalkTalk has been caught in the eye of a storm over its data protection and privacy policies and procedures leaving a wake of very angry customers threatening to take legal action for the breach of their personal data.

And as the Information Commissioner’s Officer (ICO) starts to investigate the mobile provider, it may like to read the advertisement TalkTalk placed on LinkedIn on the 19 October for the post of Information Security Officer.

When we checked on Sunday 25 October, there had been 15 applicants for the post – now with the level of national media interest in how TalkTalk is culpable in its failure to adequately protect its customers, maybe there will be deluge of qualified candidates knocking on its door..?

Or will it now have to pay a much bigger salary to attract the right ...

Read More

Wake up call for all major UK companies as GDPR is now around the corner

wake up callEach day more and more comment is emerging on the lack of preparedness of business to deal with the forthcoming EU General Data Protection Regulation (GDPR) and the need to put education and training on the top of the business agenda – and you may find these two very recent news items of interest and helpful.

We’ve been briefing a Member of the Government’s Treasury Select Committee a few weeks’ ago when we highlighted the issue of GDPR is simply much bigger than a digital marketing issue under ICO’s remit reporting into the Department for Culture, Media and Sport (DCMS).

Check out this recent news item

We strongly support the idea of a debate in the British Parliament about the role that the British Government and in particular the role that the Department for Business, Innovati...

Read More

Goodbye to ‘Safe Harbor’ as US companies need to start playing by the same rules

not so safe harborThis week the blogosphere went into overdrive with the news that the non-binding legal opinion of the Advocate General of the European Court of Justice claims that EU user data transferred to the US by various technology companies is a violation of current EU data protection and privacy laws.

Even before this opinion, the European Commission was already attempting to re-negotiate the Safe Harbor Agreement with the US. The Advocate General observed: “If the (European) Commission decided to enter into negotiations with United States, that is because it considered beforehand that the level of protection ensured by that third country, under the safe harbour scheme, was no longer adequate.”

And of course, he’s impeccably right in this regard.

The cornerstone of this highly influential leg...

Read More