ICO calls for nominations for the second Practitioner Award for Excellence in Data Protection

The Information Commissioner is calling for nominations for the second Practitioner Award for Excellence in Data Protection, to recognise those practitioners who go above and beyond when it comes to implementing data protection in practice. Recognising the increasingly vital role played by data protection professionals, the Commissioner says that 2018 was the year that privacy and data security went mainstream. This included a once-in-a-generation reform of data protection laws, high-profile public debates about the use of personal data, and people increasingly exercising their rights. Privacy rights remain in the international…

SCL Elections prosecuted for failing to comply with enforcement notice

SCL Elections Ltd, also known as Cambridge Analytica, has been fined £15,000 for failing to comply with an enforcement notice issued by the Information Commissioner’s Office (ICO). The company appeared at Hendon Magistrates’ Court and pleaded guilty through its administrators to breaching s47 (1) of the Data Protection Act 1998. The criminal prosecution related to the company’s failure to respond to an enforcement notice issued in May 2018, which ordered the company to respond in full to a subject access request submitted by Professor David Carroll, a US-based academic. As well as…

Law changes on pension cold calling

Cold calls about pensions are now illegal in some circumstances following a change in the law. Unsolicited calls are the most common method for companies who operate pension scams to contact people and new legislation introduced by the government from 9 January aims to tackle this. ICO Investigations Manager, Andy Curry, said: ”These calls cause untold misery to thousands of people and we are pleased that the law now offers greater protection to stop them being scammed out of their hard-earned pensions by unscrupulous operators. “The ICO has powers to…

Blog: Access to serious sexual crime victims’ personal information – how much is too much?

A blog by Deputy Commissioner James Dipple-Johnstone for police, the criminal justice system and victims’ support groups.  There can be few more important areas of our lives where our wider rights and our information rights combine than in the criminal justice arena. The UK Government has recently supported recommendations made by the Justice Select Committee’s inquiry, Disclosure of Evidence in Criminal Cases on the use of personal data in criminal cases. One of these recommendations states there should be ‘clear guidelines on handling sensitive material.’ Victims of serious sexual offence…

London company fined after 14.8m spam texts sent

London-based firm Tax Returned Limited has been fined £200,000 by the Information Commissioner’s Office (ICO) for sending out millions of unsolicited marketing text messages. The ICO’s investigation found that, between July 2016 and October 2017, the company broke the law by sending 14.8 million marketing text messages without valid consent through a third party service provider. As the instigator of the campaign, Tax Returned should have taken reasonable steps to make sure the data they obtained complied with the Privacy and Electronic Communications Regulation (PECR), which includes getting specific, prior…

Blog: Data protection and Brexit – ICO advice for organisations

Information Commissioner Elizabeth Denham sets out how the ICO is helping businesses, particularly SMEs, prepare for a possible no-deal Brexit 13 December 2018 The basis on which the UK will leave the EU has still to be decided. The Government has made clear that the General Data Protection Regulation (GDPR) will be absorbed into UK law at the point of exit, so there will be no substantive change to the rules that most organisations need to follow. But organisations that rely on the transfers of personal data between the UK…

A statement from Information Commissioner, Elizabeth Denham in support of International Human Rights Day 2018

This year is the 70th anniversary of the signing of the Universal Declaration of Human Rights (UDHR), which exists to create equal dignity and worth for every person. A statement from Elizabeth Denham, Information Commissioner: Today is International Human Rights Day and I want to take the opportunity to show my support for the Standup4humanrights campaign. The campaign was set up to raise awareness of the continued importance and relevance of the principles in the UDHR. We all have a part to play in upholding human rights, both as individuals and…

Blog: Sleigh-ing the Christmas GDPR myths

In the latest of our series of GDPR myth-busting blogs, a new post by Deputy Commissioner (Policy) Steve Wood tackles some misconceptions which have sprung up around how the new data protection law might affect your Christmas. “He’s making a list,   “He’s checking it twice, “He’s gonna find out who’s naughty or nice,   “Santa Claus is in contravention of Article 4 of the General Data Protection Regulation (EU) 2016/679.” This comical rewriting of the classic Christmas song has been doing the rounds on social media in recent weeks. There have even…

Aion Token Project Estimates 18-Month Runway After Bitcoin and Ether Sales

Cash is king – especially during a crypto winter. That’s the takeaway from a report out Wednesday from the Aion Foundation, which raised $23 million worth of bitcoin and ether through a token sale in October 2017. Compiled with the help of Deloitte, though not formally audited by the Big Four accounting firm, the report details how Aion has been managing its crypto war chest. According to Aion Foundation CEO Matt Spoke, the foundation has sold off half of the bitcoin and ether it raised for fiat. The sales were…

Former headteacher prosecuted for unlawfully obtaining school children’s personal information

A former headteacher has been fined in court for unlawfully obtaining school children’s personal data from previous schools where he worked. Darren Harrison of Twickenham, obtained the information from two primary schools were he had worked, and uploaded it to his then current school’s server. As he had no lawful reason to process the personal data, he was in breach of data protection legislation. Six months into his role as Deputy Head at Isleworth Town Primary School, Harrison was suspended. A subsequent IT audit showed large volumes of sensitive personal…