Data Protection News Roundup – 6th November 2018

Who’s getting it wrong?

Two firms that made nearly 600,000 nuisance calls attempting to sell home security systems to people registered with the Telephone Preference Service have been fined a total of £220,000 by the ICO.

  • ACT Response Ltd of Middlesbrough made 496,455 live marketing calls to TPS subscribers and has been fined £140,000.
  • Secure Home Systems (SHS) of Bilston, West Midlands, has been fined £80,000 for making calls to 84,347 numbers registered with the TPS.

Andy Curry, ICO Group Enforcement Manager said: “The TPS is there for a reason – to protect people’s privacy and ensure that marketing companies obey the law. Marketing companies failing to take the basic step of checking TPS can expect robust enforcement.” Read more here.

Following Cathay Pacific’s data breach involving 9.4 million passengers Hong Kong’s privacy commissioner has launched a compliance investigation into whether the company violated privacy rules. The airline waited seven month to inform them of the data breach which occurred in March. Read more here.

 

Other News

Eurostar has forced all of its customers to reset their passwords after detecting an “unauthorised attempt” to hack into its systems and access their accounts. Credit card details and payment details were not compromised but Eurostar has yet to confirm how many people have been affected by this breach or whether any data has been taken. Read more here.

The ICO has published a blog post on its investigation into the use of data analytics for political purposes. It says that the investigation has extended to 30 organisations and that they found a disturbing disregard for voters’ personal privacy by players across the political campaigning eco-system — from data companies and data brokers to social media platforms, campaign groups and political parties. The Information Commissioner is calling for views on a code of practice covering the use of data in campaigns and elections. She has also called for the UK government to consider where there are regulatory gaps in the current data protection and electoral law landscape and to ensure we have a regime fit for purpose in the digital age. Read more here.

A poll of over 1000 UK workers has found that 17% of workers haven’t been given a concrete GDPR policy by their company, 10% didn’t know who was responsible for GDPR at work, and 18% thought it was their manager’s responsibility. Over half have also seen personal or confidential information they shouldn’t have and 30% of HR professional admitted they had left confidential paperwork unattended at work. Read more here.

Leave a reply

You must be logged in to post a comment.