The Data Guardians Managing Director and lead consultant Matthew Lamb is a Certified Cyber Risk Management Practitioner. Get in touch with us to ask about how we can help you with your GDPR and Data Protection Act compliance.
Who’s getting it wrong?
A Kent pensions company, which relied on ‘misleading’ professional advice, has been fined £40,000 by the Information Commissioner’s Office for being responsible for sending nearly two million direct marketing emails without consent. An ICO investigation found that Grove Pension Solutions Ltd of Sevenoaks, Kent was responsible for 1,942,010 emails promoting its services. The ICO’s Andy White said: “We acknowledge that Grove Pension Solutions Ltd took steps to check that their marketing activity was within the law, but received misleading advice. However, ultimately, they are responsible for ensuring they comply with the law and they were in breach of it.” Read more here.
Almost one billion people’s personal data has been breached online by a marketing company that has since disappeared without a trace. Email addresses from 982 million people were listed in what researchers are calling one of the ‘biggest and most comprehensive email database’ breaches ever. Personal information including names, gender, date of birth, employer, details of social media accounts and even home addresses were listed. Security researchers uncovered the breach in an online database created by Verifications.io that had no privacy protections in place. The firm offered an ‘enterprise email validation’ service that let other marketing firms check whether lists of email addresses they have harvested are real. Read more here.
In an opinion piece published on Saturday 30thMarch in The Washington Post, Facebook chief executive Mark Zuckerberg called for more regulation of the internet. He said there are four areas where more oversight is necessary: harmful content, election integrity, privacy and data portability. Read more here.
- In response the Information Commissioner Elizabeth Denham said yesterday:
“In light of Mark Zuckerberg’s statements over the weekend about the need for increased regulation across four areas, including privacy, I expect Facebook to review their current appeal against the ICO’s £500,000 fine – the maximum available under the old rules — for contravening UK privacy laws.” Read more here.
A survey by technology services company Probrand shows 43% of UK businesses having suffered a cyber breach or attack in the last 12 months. The study also found that 44% of businesses are failing to properly protect their client and employee data by not adequately securing their server. In addition 37% of the UK workers surveyed say they don’t believe they have important information stored on their server, revealing just how naïve many workers are about the sensitive nature of both the commercial and personal data they are storing. Read more here.
The Information Commissioner’s Office (ICO) has opened the beta phase of its Sandbox, a new service designed to support organisations using personal data to develop products and services that are innovative and have demonstrable public benefit. Read more here.