GDPR is not Y2K
There are still some myths out there though and, as we approach Christmas and New Year, there’s one in particular […]
ICO
UK’s DPA seeks comment on draft Children and GDPR guidance
Fairness, transparency and accountability are essential for all data processing, but this is especially relevant when children are accessing online […]
UK’s DPA concerned that government plans for the Data Protection Bill threaten its independence
The UK’s data protection watchdog has raised concerns that proposed new UK laws threaten its ability to operate independently of […]
UK’s ICO offers guidance on security and breach reporting for eID and trust services
Businesses that provide services designed to show that electronic data is authentic and can be trusted have been issued with […]
UK Information Commissioner Publishes Advice on BCR Applications under the GDPR
On November 20, 2017, the UK Information Commissioner’s Office (“ICO”) published an article on its blog containing advice on applications […]
Privacy regulators and their many hats
National data protection authorities seem to get the most attention when they impose fines and penalties for violations of data […]
ICO issues more GDPR guidance and confirms that BCRs will continue
The guidance, issued on 21 November, puts together information about guidance previously issued by the ICO, and links to guidance […]
Warning for workers after charity employee is prosecuted for data protection offences
People working with personal information have been warned they have to obey strict privacy laws after a charity worker was […]
Stricter consent rules will pose challenges for data brokers
It will become harder for data brokers to sell personal data to businesses in a way that complies with the […]
Most organisations are unclear about data storage and transfer arrangements
Most privacy notices displayed on websites and mobile apps do not explain to consumers the country in which collected personal […]
Businesses will be considered ‘aware’ of data breaches under GDPR when their data processors notice the breach
Businesses that outsource the processing of personal data to other companies will be said to be aware of data breaches […]
What’s wrong with the ICO’s draft guidance on controller-processor contracts?
Controller-processor contracts and liabilities don’t seem destined for any guidance from the Article 29 Working Party, at least according to […]