Did you think the ePrivacy Regulation was dead? Think again
Back in the months leading upto GDPRmaggedon there was talk of a new ePrivacy Regulation that would replace PECR in the UK and streamline cookie … Read more
ICO publishes new guidance on special category data
The ICO have published new guidance on the the processing of special category data. Special category data is data considered to be more sensitive and … Read more
Third EU review of Privacy Shield confirms continued adequacy
The EU-US Privacy Shield decision was adopted in 2016. It protects the personal data rights of EU citizens when their data is processed by US organisations … Read more
Latvian “ICO” issues €7k fine for right of erasure failing
The Latvian Data Protection Authority (the Data State Inspectorate of Latvia (DSI)) has issued a fine of €7000 to an online retailer for non-conformity with … Read more
What a DPO in the education sector can learn from the latest children and privacy report
When the GDPR came into force it introduced specific controls relating to children: If you rely on consent as the lawful basis for processing personal … Read more
Court says use of facial recognition by South Wales Police lawful
A case brought by an individual, who argued his human right to privacy had been breached along with data protection law, by South Wales Police … Read more
When does the clock start ticking for a subject access request?
On the face of it, it seems quite simple: you get one month to deal with a subject access request (SAR or DSAR); Article 12 … Read more
ISO releases new standard for privacy information management
On 6th August the ISO (International Organisation for Standardization) announced what it calls the first international standard for tackling privacy information management. ISO27701 “security techniques … Read more
£160k fine for TPS and transparency failings
A boiler replacement company has been fined £160,000 by the ICO for calling over 850,000 people who had registered with the Telephone Preference Service (TPS) … Read more
Greek DPA -v- PwC highlights consent not suitable lawful basis for employee data
The Greek equivalent of the ICO have issued a €150,000 fine of PwC for having the wrong lawful basis for processing for their employee’s data. … Read more