This blog has given much coverage to the forthcoming General Data Protection Regulation. What changes will it bring? How will the fines jump? Will Brexit affect it becoming enforceable in the UK? Earlier this year, the Italian Data Protection Authority fined a UK web-based money transfer firm €5,880,000. The current maximum fine imposed by the … Continue reading Massive data fines in Italy
Apparently, 24% of businesses are not preparing for the General Data Protection Regulation because they believe Brexit means it won't apply in the UK. I deliberately didn't post this on April Fool's Day as it's too serious. The survey results are staggering on two fronts. First, these businesses have actually heard of GDPR and have undertaken … Continue reading Brexit means no GDPR
I gave a talk about GDPR recently. For those of you who asked for the slides (there were only 2!) you can grab them here. Also, here are those 10 points to prepare for GDPR: Check you have "notified" the Information Commissioner's Office that you are a data user ("data controller"): quick, cheap, straightforward online … Continue reading Prepare for GDPR
I hear odd data myths. Here's a compilation. Myth 1: UK law says I can't transfer my data outside the UK. Truth: Wrong. You can transfer within the EEA, to any country on the EU Commission's adequacy list and to other countries with appropriate safeguards, such as the EU/US Privacy Shield. Myth 2: German law … Continue reading Data: sorting the truth from the lies
GDPR becomes enforceable on 25 May 2018 and, since Brexit will happen after that, UK businesses will have to comply. What do you need to know? Hefty fines: It's already gained much coverage. The largest fines - the higher of 4% of annual global turnover or €20m - will be for breaches of the fundamental obligations, … Continue reading Are you ready for GDPR?
The ICO has had a busy start to 2017, issuing a number of fines for data breaches: a £40,000 fine for IT Protect for making nuisance calls trying to sell call-blocking devices to people who had registered to opt out of nuisance calls; a £50,000 fine for LAD Media for instigating the sending of 400,000 spam texts about debt without … Continue reading Data fines in Jan 2017
Someone asked me on Twitter how the repeal of the Human Rights Act in the UK would affect an adequacy decision for UK data transfers. It is simpler to blog about it than try to squeeze the answer into numerous tweets, so here goes... For all this talk about Brexit, many people forget that the … Continue reading Does UK need privacy shield after human rights repeal?