ICO lays out standards for handling children’s data
Fieldfisher - Privacy, Security and Information Law
4y ago
On 21 January 2020, the UK’s data protection watchdog, the Information Commissioner's Office, published a set of design standards for Internet services, which are intended to help protect the privacy and safety of children online. The code sets out the standards expected of those responsible for designing, developing or providing online services such as applications, connected toys and devices, programs, social media platforms, messaging services, games, websites and streaming services. It covers services likely to be accessed by children and which process their data. It is however not restric ..read more
Top tips for notifying breaches to regulators under GDPR
Fieldfisher - Privacy, Security and Information Law
4y ago
Notifying personal data breaches to regulators requires a considered approach. In the heat of the moment, particularly when there is a 72 hour clock counting down, it is all too easy to make costly mistakes. Here are our top five tips for navigating the many pitfalls of a breach notification. 1.   Notify the right regulator Identifying the right regulator to notify can be confusing, particularly if the incident affects individuals in multiple countries. If your organisation has identified a lead supervisory authority for GDPR purposes this can make life simpler, i.e. you can notify the lead su ..read more
BREAKING NEWS: EU DPA to fine Santa 4% of annual worldwide turnover
Fieldfisher - Privacy, Security and Information Law
4y ago
(Fieldfisher, London) - An EU DPA is to fine Santa Claus a staggering £1bn following alleged violations of the European Union General Data Protection Regulation, we can exclusively reveal.  A DPA spokesperson told us: “The magnitude of this fine reflects the severity of Santa’s violations.” The GDPR became applicable on 25 May 2018, after several years of negotiations between EU institutions.   The law, which protects EU data subjects’ personal data, grabbed headlines for the strictness of its rules and its worldwide applicability. “This was what really surprised us in our investigations into ..read more
Why phishing is one of the biggest and most overlooked cybersecurity threats
Fieldfisher - Privacy, Security and Information Law
4y ago
A couple of weeks ago you received an email from the IT team who wanted you to urgently log in to your Microsoft account so they could check something or other. What you didn't realise is that the email address isn't one your IT team usually use. Two weeks later, the real IT team get in touch about unusual activity in your mailbox.   Yep, you fell for a phishing attack. Not to worry, you have now changed your compromised password – job done! Actually that's not the end of it at all ……… What some organisations are failing to realise is that a successful phishing attack, where malicious parties ..read more
ICO consultation to obtain powers under the Proceeds of Crime Act 2002
Fieldfisher - Privacy, Security and Information Law
4y ago
On 8 November 2019, the ICO opened a consultation on their application for powers under the Proceeds of Crime Act 2002 ("POCA"). The ICO have a responsibility for investigating and pursuing criminal offences under the General Data Protection Regulation ("GDPR") and Data Protection Act 2018 ("DPA"). The ICO is concerned that the current sanctions available to them are not sufficient to deter criminal activity concerning data. There has been a significant increase in the illegal trading of personal data over the years leading to a number of victims of criminal activity including scams and fra ..read more
Have your say on cyber security - The UK Government issues a call for evidence
Fieldfisher - Privacy, Security and Information Law
4y ago
From conversations with our clients and other friends we know that the topic of cybersecurity still burns bright at the top of your agendas. Rightly so. The World Economic Forum’s recent report on Regional Risks for Doing Business 2019 ranks cyber attacks second only to fiscal crises in its assessment of global risks to business (and data theft makes the list in its own right, in seventh place). That makes cyber a bigger issue than traditional fears such as failures of national government or critical infrastructure. Ensuring your business is as well-prepared as it can be is a core goal, and we ..read more
Does the EDPB answer frequently asked questions on territorial scope? (Update)
Fieldfisher - Privacy, Security and Information Law
4y ago
The EDPB has at last released the final version of its guidance (available here) on the territorial scope of the GDPR ("Guidance") – almost a year to the day after the draft guidance was published. As this attempts to answer the key question for many organisations worldwide ("Does the GDPR apply to me or not, and if so, in its entirety?") we thought it prudent to update our blog from last year (available here). This blog will focus on the updates so should be read in conjunction with the previous one. (For those interested, an unofficial redline we have generated is available here). We will no ..read more
The use of biometric data in an employment context
Fieldfisher - Privacy, Security and Information Law
4y ago
The use of biometric data in an employment context is increasingly popular and seems to become a "quick-fix" modern security or fraud prevention solution. The increased use of biometric data for personal use (e.g. for the use of smartphone functions) seems to have increased the perceived acceptance of the use of biometric data. Data controllers should be aware however that the processing of biometric data may expose them to significant risks in case of data breach. This has been painfully demonstrated by 2 Israeli researchers who discovered that they were able to access a database with the fin ..read more
This is Going to Hurt: Secret Diaries of the ICO (or, a Song of Enforcement and Fining)
Fieldfisher - Privacy, Security and Information Law
4y ago
In our latest blog post, Fieldfisher explores the enforcement powers of the Information Commissioner's Office ("ICO") under the General Data Protection Regulation ("GDPR") and Data Protection Act 2018 ("DPA 18"). The new GDPR fining powers have had plenty of publicity, but what other tools does the ICO have at its disposal? We also consider what the ICO will need to consider while operating within the broader European framework; and what impact a hard Brexit would have on businesses operating in the UK and the EU. Plenty to unpack here, so dive on in. Download the full article here: This is Go ..read more
Accountability - the enabler to evidencing your compliance under the GDPR Part 2
Fieldfisher - Privacy, Security and Information Law
4y ago
Accountability - the enabler to evidencing your compliance under the GDPR Part 2: Some practical tips about what you ought to be considering and doing Welcome to our second part of this blog on Accountability - the enabler to evidencing your compliance under the GDPR. Given accountability's extensive nature across the GDPR, it can be difficult to know quite where to start with evidencing your compliance. As mentioned in Part 1, it is practical to have one document or framework, which acts as a hub to document and record in one place, all your different components of data protection compliance ..read more
