legislation

Complaint Filed Against Address Broker in Vienna

By Dave McKay in privacy

December 3, 2020

On Tuesday, My Privacy is None of Your Business (NOYB) filed a GDPR complaint against AZ Direct Österreich GmbH. They are an address broker—they sell personal data—based in Vienna. They refused to reveal where they get their data from and with whom it had been shared. They claimed they didn’t know because they didn’t bother recording it. It would have been “too burdensome”. A data subject had sent a data subject data access request and asked from where the address publisher had collected his data and to whom it had been sold.

Continue reading

Age Appropriate Design for Online Services

By Dave McKay in privacy

August 30, 2020

New Code of Practice for Online Services The Age Appropriate Design Code drawn up by the Information Commissioner’s Office (ICO) will come into force in the UK on 2nd September 2020. The much-anticipated has a 12-month transition period. The code is based on 15 flexible standards to ensure a high level of privacy settings by default. They affect website designers and mobile application developers. “We want coders, UX designers and system engineers to engage with these standards in their day-to-day work and we’re setting up a package of support to help,” said the ICO.

Continue reading

Oracle and Salesforce Face £900 million Class Action

By Dave McKay in privacy

August 22, 2020

PECR and GDPR Gotchas Catch Oracle and Salesforce The Privacy and Electronic Communications Regulations govern electronic marketing in the UK. They were not changed when the General Data Protection Regulations came into force, but they were affected by them. That’s because when the PECR talks about consent, it says that the consent required must be that of the current data protection regulations. And, of course, the acceptable means of securing and recording consent changed when the GDPR superseded the 1998 Data Protection Act.

Continue reading

Blackbaud Breach Affects 20 UK Universities

By Dave McKay in cybersecurity

July 25, 2020

Why Choosing Data Processors Needs Due Care and Attention Blackbaud, the world’s largest supplier of “education administration, fundraising, and financial management software” has suffered a breach in May, 2020. There are over 20 UK Universities and other organizations affected by the breach. And, because under the General Data Protection Regulations (GDPR) regulations you are jointly responsible for breaches that occur at your data processors, those customers are now facing fines from the Information Commissioner’s Office.

Continue reading

What Is Cyber Essentials?

By Dave McKay in cybersecurity

July 11, 2020

Demonstrate Your Commitment to Data Protection CyberEssentials is a government-backed and industry-recognised scheme. It helps businesses protect themselves against the most common cyber attacks and threats. Compliance to the standard ensures that a set of basic technical and organisational controls—that’s policies and procedures—are in place, providing a common sense and valuable level of protection. The National Cyber Security Centre manage the scheme on behalf of the government. What Is Involved?

Continue reading

A searchable copy of the GDPR

By Dave McKay in compliance

July 10, 2020

An Online, Searchable Version of GDPR The GDPR regulation can be impenetrable, off-putting, and downright intimidating. It’s 88 pages long … There are 11 chapters … There’s 99 articles scattered through those chapters … And there’s 173 recitals that you have to wrestle with too! Thankfully, Intersoft Consulting have put together an online, searchable and free copy of the GDPR regulations. You can search by word or phrase like “legitimate interest”, or by section name like “article 14”.

Continue reading

Categories

Tags