Privacy Archive
Stop us if you’ve heard this one before: organisations that fail to meet the requirements of the GDPR (General Data Protection Regulation) face fines of up to €20 million (about £17.3 million) or 4% of their annual global turnover. Experts …
The Supreme Court has given Morrisons permission to appeal a ruling that found the supermarket liable for a data breach caused by a malicious insider. Morrisons has lost two cases related to its March 2014 data breach, in which Andrew …
This blog has been updated to reflect industry updates. Originally published June 2017. On 25 May 2018, the EU’s GDPR (General Data Protection Regulation) superseded the UK’s DPA (Data Protection Act) 1998. With the Regulation expanding the definition of personal …
Earl Enterprises, the restaurant giant that owns Planet Hollywood and Buca di Beppo, has disclosed a data breach affecting its payment card systems. In a press release published last week, the organisation confirmed that more than 100 of its US …
The ICO (Information Commissioner’s Office) has fined Grove Pension Solutions £40,000 for sending nearly 2 million unsolicited marketing emails. The pensions firm’s campaign, which took place between October 2016 and October 2017, violated the PECR (Privacy and Electronic Communications Regulations). Tried to do the right thing Grove’s PECR failure wasn’t for a lack …
The data protection landscape was dramatically reshaped with the introduction of the EU GDPR (General Data Protection Regulation) on 25 May 2018, but it wasn’t the only law that took effect that day. The UK DPA (Data Protection Act) 2018 …
You might have heard increased chatter recently about the need for an EU representative under the GDPR (General Data Protection Regulation). This rule applies to any organisation outside the EU that monitors the behaviour of, or provides goods or services …
For many organisations, last year’s GDPR (General Data Protection Regulation) compliance deadline was a whirlwind of privacy policy updates, data protection training courses and hours spent online researching exactly what a ‘controller’ and ‘processor’ are. In the nine months since, …
In the run-up to the GDPR (General Data Protection Regulation), experts repeatedly described the law as the successor to the UK’s DPA (Data Protection Act) 1998. But that was somewhat misleading, because the same day the GDPR came into force, …
2018 saw some of the biggest data breaches yet, with Marriott, Under Armour and Facebook suffering breaches that affected 500 million, 150 million and 100 million people respectively. It was also the year of the GDPR (General Data Protection Regulation), …
