BSI film on Hitachi Consulting Corp becoming the first global company to achieve BS10012:2017

 

 

Watch the film here

Read More

Power-list of influences in the data privacy landscape

Read More

Facebook/Cambridge Analytica data breach offers an objective lesson in why companies should be wary of encouraging users to share contact information

Does your company have consumer data it isn’t legally authorized to possess?

Don’t be too quick to answer. Many ethical, lawfully managed businesses do have such data — and it comes from a surprising source: their customers, who inadvertently share the personal data of their family, friends, and colleagues.

The lack of awareness regarding peer-dependent privacy is one way that London-based Cambridge Analytica Ltd. was able to collect the personal information of more than 71 million Facebook users, even though only 270,000 of them agreed to take the now-bankrupt company’s app-based personality quiz. Cambridge Analytica reportedly knew what it was doing, but any company that accesses customer data, such as contacts, call logs, and files, can unknowingly breach peer privacy.

Blame a...

Read More

You never know who you’ll bump into on a rainy afternoon in Richmond, England!

Read More

BSI makes film of Hitachi Consulting becoming the first global brand to achieve BS10012:2017 certification ahead of 25 May 2018

Yesterday, I gave an interview on film about my role as a member of the team that led to Hitachi Consulting Corp becoming the first global brand to achieve BS10012:2017.The new standard was created in the wake of the GDPR and is a Personal Information Management System (PIMS). This is a significant achievement as Hitachi Consulting Corp can now demonstrate – and it’s been independently verified by the oldest standards awarding body in thew world – that it has a world-class  culture of compliance. The PIMS sits at the heart of Hitachi Consulting Corp. efforts to comply with the GDPR.  The short film is available here   It was launched on Friday 25 May to coincide with the end of the transition period for the GDPR.  With me is Joanne Bennett, VP, Associate General Counsel – Commer...
Read More

Flight to quality GDPR training expected after 25 May 2018 as companies realise they are under-prepared and require better quality training

Read More

Watch my GDPR presentation delivered at Empower MSP Amsterdam on 15 May 2018

Read More

US companies are behind the curve on understanding how GDPR impacts their businesses

There’s an eerie lack of awareness about the impact of the GDPR on US businesses that target consumers in the European Union. According to recent research by the IAPP, complexity of laws, inadequate budget and too little time combined with the lack of qualified and trained staff have conspired to perpetuate this lack of readiness by US companies.

Here in Europe, many companies and organisations have been bracing themselves for the biggest shake-up in data protection, privacy and security for over two decades that’s fully effective from 25 May 2018 – in 13 days’ time.

I’ve been in conversations with senior US-executives who’ve boldly told me that the “GDPR doesn’t apply to them” and in any event they can rely on ‘legitimate interest’ to continue to market goods and services and monitor t...

Read More

Enough already? Fed up with GDPR emails asking for your consent?

You bet!

This is an all-out attack by the zombies! They follow other zombies by sending us mindless emails saying this kind of crap:

“We’re committed to managing and safeguarding the information you give us when looking for a job. CLICK HERE TO STAY SIGNED UP.”

Or how about this:

“LET’S STAY IN TOUCH. Did you know? New privacy laws come in to effect on 25 May. This landmark new law is designed to improve your privacy rights. This is great news for online shoppers, so if you enjoy getting our promotional emails, just click below…”

Or this:

“We don’t want to lose you, so please take action NOW”

STOP! THINK! LEARN!

These emails are pointless!

In the UK, it’s been the law since 2003 that you can only send a marketing email to an individual recipient when they’ve consented...

Read More

Dot Gone! The end of the road for Whois

It’s the end of the road – and the end of an era – for the Whois service as its US-based parent ICANN fails to find a solution to continue the service that isn’t a breach of the General Data Protection Regulation (GDPR).

According to its Wikipedia entry, Whois is a ‘query and response protocol that’s widely used for querying databases that store the registered users or assignees of anInternet resource, such as a domain name, an IP address block, or an autonomous system, but is also used for a wider range of other information. The protocol stores and delivers database content in a human-readable format.’

The Whois system publishes the name, address and telephone number of everyone that registers an internet address without any data privacy notice or prior consent of the ...

Read More