Category EU General Data Protection Regulation

GDPR by Royal Appointment

Read More

The joys of data hygiene

Unfortunately, the article in the current edition of my favourite business newspaper The Economist in explaining the GDPR was riddled with errors. Tut tut!

Here’s an example: “Data Subjects can demand a copy of the data held on them (data portability) …” which as we all know is a subject access request (SAR) and isn’t an absolute right under the GDPR.

Another error in the article on GDPR is the bold assertion: “The GDPR is prescriptive about what organisations have to do to comply.”

Er, no it isn’t. Few bits go into detail, like the requirements for a data protection impact assessment (Art.35, GDPR) or a subject access request (Art. 15, GDPR).

The GDPR is a deliberate move away from a ‘tick-box’ approach of the Data Protection Directive 95/46/EC that it replaces and moves to a risk-ba...

Read More

Lack of transparency with Facebook and other social media sites will be forced to come to an end as a result of GDPR

The Economist reports today (7 April 2018) that there’s been a bit of wake up call for Facebook and all other social media giants as a result of the furore over the mis-use of personal data. Mark Zuckerberg is openly admitting that Facebook data of up to 87 million people – 37 million more than previously reported – may have been improperly shared with Cambridge Analytica.

As a result of a data breach on a scale not seen since Yahoo!, Americans are looking enviously at Europe where data protection, privacy and security laws protecting the individual are now the global ‘gold standard’ as a result of the GDPR that’s fully enforceable from 25 May – just 34 working days from today.

Rights over personal data are enshrined in the EU’s Charter of Fundamental Rights and EU citizens now have...

Read More

Crisis of confidence in Silicon Valley

Mark Zuckerberg’s “confessional” on CNN broadcast on Thursday 22 March 2018 was a blatant attempt at a public relations ‘damage limitation’ exercise.

I’m not convinced it had the desired effect.

Facebook’s share price continues to fall and pressure for an investigation of the company and its dealings with UK-company Cambridge Analytica continues to mount on both sides of the Atlantic.

“This is a major breach of trust and we are sorry about that, ” says Zuckerberg. Right. But you can’t help feeling he’s trying to play the ‘victim’ of some unwitting scam.

Facebook have made one bad mistake after another  – whether that’s providing a platform for sexual exploitation of women and children or the spread of toxic extremist ideology of sick, evil terrorists.

And judging by the law suits its fa...

Read More

British Government showdown with social media giants next month

Last chance saloon for social media giants, warns Matthew Hancock, Secretary of State, DCMS as British Government raises the prospect of a ‘breach of duty of care’ owed to users of social media services and promises more legislation unless they get themselves sorted out.

Speaking to The Sunday Times (25 March 2018), Hancock said Facebook and other tech giants that harvested personal data from users would be ordered to simplify their terms and conditions so they fitted on a single page.

He’s summoned Facebook, Google and Twitter to a showdown next month following revelations about the way Facebook data was used by the UK firm Cambridge Analytica to help Donald Trump’s Presidential election campaign.

A cloud still hangs over the prospect of unlawful profiling of UK citizens to influence ...

Read More

First among equals – Hitachi Consulting first global company to certify under BS 10012:2017

On Friday 23 March 2018, the BSI (British Standards Institution) has certified Hitachi Consulting Corporation, a subsidiary of Hitachi, Ltd (TSE: 6501), to a new standard of excellence in data protection, privacy and security developed under the General Data Protection Regulation (GDPR).

Hitachi Consulting becomes one of the first companies in the UK to achieve compliance with the BS 10012:2017 data protection standard for its personal information management system (PIMS) that sits at the heart of its compliance with the GDPR.

“We are immensely proud of this recognition from the one of the world’s leading certification bodies...

Read More

Killing a few sacred cows?

A couple of weeks’ ago, I was invited to speak to around 150 people at a gathering of the Government Blockchain Association (GBA). It was an illuminating experience.

What struck me was that the digital landscape referred to in the Recitals of the General Data Protection Regulation (GDPR) isn’t the same as the technology landscape these ‘digital disruptors’ are building today.

According to the Oxford English Dictionary, blockchain (noun) is: “A system in which a record of transactions made in bitcoin or another cryptocurrency are maintained across several computers that are linked in a peer-to-peer network.”

That sounds very geeky and techie and of little relevance to the rest of us and only those with a strong interest in advanced mathematical algorithms?

Wrong!

Blockchain isn’...

Read More

Last call

The Financial Times reports this morning (Monday 12 Feb 2018) that Unilever, the world’s second-largest advertiser has warned social media giants Google and Facebook that it will pull its advertising from their platforms if they continue to ‘’foster hate’’ or fail to act responsibly in the wake of the exponential increase in offensive and unlawful content that is posted on its platforms and represents a direct assault on the rights, freedoms and interests of millions of data subjects, including children.

The climate has turned and social media giants now find themselves in a media storm where sitting back and doing nothing is no longer an option...

Read More

Schrems fails to deliver a knockout blow to Facebook Ireland at the Court of Justice, European Union

On Thursday 25 January 2018, the Court of Justice of the European Union (CJEU) ruled that 30-year old Austrian privacy campaigner Max Schrems couldn’t bring a class action law suit against Facebook Ireland for what he claims was illegal use of personal data but granted him permission to challenge the social media giant’s business practices in his native Austria.

The second CJEU ruling in Schrems’ long-running legal battle with Facebook is significant for widening legal jurisdiction against Facebook Ireland by granting the right of Schrems to take legal action against Facebook Ireland in the Austrian courts.

Facebook Ireland, headquartered in Dublin, unsuccessfully argued that the matter could only be heard in Irish courts.

The case now returns to Austrian courts that had previously faile...

Read More

Not a good start to the New Year for Apple

Apple has just issued a second customer warning for owners of its iPhones, iPads and MAC products that they are affected by a processor flaw that could leave them vulnerable to hackers.

The US tech giant urged its millions of customers to only download software from trusted sources after the security vulnerabilities, known as Meltdown and Spectre, were revealed on Wednesday.

According to the Press Association (PA News), there’s no evidence that the security flaws that affect computer processors built by Intel and ARM – have so far been exploited by hackers, although companies including Microsoft have been working to provide urgent fixes.

Apple says it had released software updates for iOS, the software on its phones and tablets, macOS, which is used by its computers and tvOS for its tele...

Read More