GDPR Friday Roundup – 10th November 2017


The Data Protection Bill continued in the committee stage with line-by-line scrutiny on 6th November. They discussed the age at which children can consent to information society services handling their data. You can catch up on what members discussed here.

A third day of committee stage is scheduled for 13th November.

Written Questions

Digital minister Matt Hancock responded to a question from Labour MP for Hemsworth Jon Trickett on how many companies were notified of the data breach experienced by an accredited body for Cyber Essentials in June 2017 that resulted in its list of registered consultancies being stolen. Mr Hancock responded that data containing 801 email addresses, usernames, company name, and IP addresses from 800 companies, including assessors of and applicants to the scheme, was exposed. He said there is no information to suggest that information was extracted and no personal data was released. All 801 email addresses were notified and provided with advice and guidance. Read more here.


Who’s getting it wrong?

A former employee of a community based counselling charity has been prosecuted by the ICO for data protection offences. He sent spreadsheets containing the information of vulnerable clients to his personal email address without any business need to do so and without the consent of the data controller. He has also been ordered to pay costs of over £1,800. Following this prosecution the ICO has also issued advice to people working with personal information to obey privacy laws. Read more here.


Other News

New research conducted by the ICO has found that only one fifth of the UK public have trust and confidence in companies and organisation storing their personal information. The ICO’s Deputy Commissioner Steve Wood has reminded organisations to be transparent with people’s personal data to address the trust deficit. He said: “Changes to data protection legislation, which include the introduction of the GDPR, offer organisations an opportunity to re-engage with their customers about data. The new laws require organisations to be more accountable for data protection and this is a real commitment to putting the consumer at the heart of business.” Read more here.

Journalist Elliot Haworth has written an article laying out his concerns that some of the amendments Lords have tabled to the Data Protection Bill would overly restrict press freedom. Read more here.

Equifax update

In its first financial report since the breach earlier this year Equifax has identified more than $100m in costs and warned that the ultimate hit to profits could be higher as it deals with a raft of lawsuits and investigations. A wide range or regulators along with 50 state attorneys-general are probing the company. More than 240 class actions have been filed by consumers and unnamed financial institutions have also filed lawsuits, alleging negligence and breach of contract. Read more here.

Leave a reply

You must be logged in to post a comment.