Data Protection News Roundup – 16th April 2019

The Data Guardians Managing Director and lead consultant Matthew Lamb is a Certified Cyber Risk Management Practitioner. Get in touch with us to ask about how we can help you with your GDPR and Data Protection Act compliance.



The Home Office has apologised to hundreds of EU citizens seeking settled status in the UK after accidently sharing their details. It blamed an “administrative error” for sending an email that revealed 240 personal email addresses. Read more here.


Who’s getting it wrong?

The ICO has fined a company selling funeral plans £80,000 for making unlawful marketing calls to people who had made it explicitly clear they didn’t want to receive them. An investigation revealed that the company had made almost 52,000 calls to people who were registered with the TPS between March and November 2017. Read more here.

Bounty UK, a pregnancy and parenting club, has been fined £400,000 by the ICO for illegally sharing personal information belonging to more than 14 million people. Bounty UK collected personal information for the purpose of membership registration through its website and mobile app and directly from new mothers at hospital bedsides then supplied it to third parties for the purpose of electronic direct marketing. Read more here.

True Visions Productions, a television production company, has been fined £120,000 for unfairly and unlawfully filming patients at a maternity clinic. The company set up CCTV-style cameras and microphones in examination rooms at Addenbrooke’s Hospital in Cambridge for a Channel 4 documentary on stillbirths. Although the company had the hospital trust’s permission to be on the site, they did not provide patients with adequate information about the filming or get adequate permission from those affected by the filming in advance. Read more here.


Other News

The ICO has appealed for people to support their elderly relatives or neighbours if they are receiving nuisance marketing calls to register with the telephone preference service.

Following the Government’s white paper on online harms the ICO has published ‘age appropriate design: a code of practice for online services’ for consultation to set out the standards expected of those responsible for designing, developing or providing online services likely to be accessed by children. Read more here.

The ICO’s Deputy Commissioner for Policy Steve Wood has reminded public and private organisations that the new data protection laws don’t stop them from disclosing personal data to assist police forces or other law enforcement authorities. Read more here.

A series of security reports over the weekend raised concerns about Microsoft’s transparency in the wake of a recent data breach. Hackers gained access to the company’s email service and Microsoft confirmed that people using, and accounts were affected. Microsoft said the breach was limited to some metadata and subject lines of email but it seems they concealed that actual email messages were also compromised in some cases. Read more here.

Facebook and Instagram face limits on letting under-18s “like” posts on their platforms while Snapchat could be prevented from allowing the age group to build up “streaks”, under new rules proposed by the UK’s data watchdog. It believes the tools encourage users to share more personal data and spend more time on apps than desired. The proposal is part of a 16-rule code. Read more here.

Leave a reply

You must be logged in to post a comment.