Data Protection News Roundup – 9th April 2019

The Data Guardians Managing Director and lead consultant Matthew Lamb is a Certified Cyber Risk Management Practitioner. Get in touch with us to ask about how we can help you with your GDPR and Data Protection Act compliance.



The UK government has announced plans to create a new independent regulator that would oversee “harmful content” on social media, search engines, messaging, and file-sharing platforms. Platforms that fail to keep users safe would face huge fines under the proposed rules. Read more here.


Who’s getting it wrong?

The ICO has fined the London Borough of Newham £145,000 for disclosing the personal information of more than 200 people who featured on a police intelligence database known as the ‘Gangs Martix’. An ICO investigation found that in January 2017, a Newham Council employee sent an email to 44 recipients that contained both redacted and unredacted versions of the Gangs Matrix. Then between May and September 2017, rival gang members had obtained photographs of this information via Snapchat. Also in 2017, the Borough experienced a number of incidents of serious gang violence. Victims of the violence included people who featured on the inappropriately shared Gangs Matrix. Read more here.

A former GP has been fined for sending personal data to her own email account without authorisation. Shamim Sadiq worked at Hollybrook Medical Centre but was suspended in November 2017 for unrelated matters and dismissed later that month. The day after her suspension, Sadiq had forwarded an email from her work email account to her personal email account without a business reason to do so. It contained 13 application forms which had been submitted several months earlier for a vacancy at the surgery and included names, addresses, personal email addresses, national insurance numbers of candidates as well as further personal data of their referees. Read more here.

The Home Office has admitted breaching data protection rules when it launched the Windrush compensation scheme. The department sent information to Windrush migrants in a way that meant their email addresses could be seen by other people. Read more here.


Other News

The ICO has released a list of companies that haven’t paid their data protection fee. The companies failed to pay, even after receiving penalty notices, and include publisher Conde Nast, pizza chain Prezzo and construction firm Caterpillar. Read more here.

Mikko Niva, Group Policy Officer at Vodafone Group Services, has been awarded Data Protection Officer of the Year for delivering a pioneering global privacy compliance programme for Vodafone across 21 countries. Read more here.

The Information Commissioner Elizabeth Denham gave a speech yesterday at the Data Protection Practitioners’ Conference. She spoke about how she doesn’t think the accountability aspect of the GDPR is being taken seriously. Read more here.

A survey of security professionals in six countries, including the UK, by the Ponemon Institute found 90% had been hit by at least one successful attack. Respondents said around half of the successful attacks had resulted in downtime of critical systems. Read more here.

Hayes Connor Solicitors, a legal firm based in the northwest of England, is filing a £5m suit against Ticketmaster following a data breach last June. Read more here.

Leave a reply

You must be logged in to post a comment.