Facebook €10M fine in Italy

12 December 2018

Not a GDPR fine, but, according to press reports, Facebook has been fined €10M by the Italian consumer protection authority arising out of its use of subscriber’s data. The reports say that FB breached the Italian Consumer Code by misleading users about the commercial use of their data and not making it clear to users […]

Read more

Jingle Regulation

7 December 2018

The UK’s data protection enforcement body, the ICO, has published an article on “Sleigh-ing the Christmas GDPR myths”.  As they say, the last thing they want is Santa to be reported to the IC-Ho-Ho-Ho! So the article sets the record straight on some pretty crazy “rules” that have been blamed on GDPR, such as: Children […]

Read more

Uber fined £385,000 following mass data breach

29 November 2018

The UK Information Commissioner’s Office (ICO) has issued a fine against Uber for £385,000 for failing to protect customers’ personal information during a cyber attack in 2016, that compromised the data of millions of customers and tens of thousands of drivers. The ICO has reported that data security flaws allowed the personal details of about […]

Read more

ICO penalty for spam overturned

29 October 2018

A fine imposed by the ICO on a company accused of sending millions of unsolicited emails was overturned last month by the Appeal Tribunal[1]. The ICO had initially issued the fine against Xerpla Ltd, for a breach of regulation 22 of the Privacy and Electronic Communications Regulations (PECR) against unsolicited communications. In brief, this regulation […]

Read more

Personal data: a global commodity subject to regional rules

14 September 2018

The introduction within the EU of the General Data Protection Regulation (GDPR) led to frantic scrambles in the EU to achieve compliance. Such behaviour is understandable, given how easily a complaint may be made to a supervisory authority about organisations which allegedly breach data protection rules: in Britain, the Information Commissioner’s Office (ICO) has provided […]

Read more

WhatsApp: We won’t share your data with Facebook… for now

16 March 2018

Following an investigation by the Information Commissioner’s Office (ICO), the UK’s data protection watchdog, WhatsApp has signed a public commitment not to share personal data (i.e. data which identifies individuals) with Facebook until data protection concerns are addressed. Facebook acquired WhatsApp in 2014, and the ICO’s investigation commenced in August 2016 to address concerns being […]

Read more

Brexit and planning for the unknown in IT

26 October 2017

As is beginning to become apparent, Brexit has wide-ranging consequences in many commercial and business areas. This is equally true in the sphere of data protection, where much of the applicable legislation has developed at an EU level. This is readily understandable, given (i) the wide-ranging technological advances that have occurred since the UK joined the European Communities in 1973 and (ii) the quintessentially cross-border nature of these developments.

Read more

Royal Assent received for the Digital Economy Act 2017

26 May 2017

New legislation introduced to extend digital connectivity, regulate direct marketing and protect consumers from unexpected phone bills and ticket bots. The Digital Economy Act 2017 (Act) has officially made its way into UK law. The Act addresses some of the many issues arising in conjunction with the surge in use of technology, digital media and […]

Read more