Digital minister Margot James resigned last week to rebel against the government whip and block Boris Johnson from forcing a no-deal Brexit. Read more here.
Who’s getting it wrong?
A car industry employee who was sentenced to six months in prison in November 2018 for accessing personal data without permission, has been ordered to pay a £25,500 confiscation order in a case brought by the ICO. A judge determined that he has benefited from thousands of pounds as a result of his offences. Read more here.
The ICO has fined a London estate agency £80,000 for leaving 18,610 customers’ personal data exposed for almost two years. The exposed details included personal data such as bank statements, salary details, copies of passports, dates of birth and addresses of both tenants and landlords. Read more here.
An education sector marketing firm, Sprint Education, has committed a data breach because it mass-mailed people asking them to update their GDPR communications preferences. The URL for updating one’s mailing list preferences contained a string of numbers and by changing one of the digits, the name, job title and work email address of everyone on that mailing list could be viewed. Read more here.
The ICO is considering allegations that FaceApp, the face-ageing photo app that has gone viral, is misusing personal data. The developer’s company is based in Russia and people are concerned that FaceApp is storing the photo libraries of users without their permission. The company has strongly denied the allegation. Read more here.
Equifax has agreed to pay up to $700m as part of a settlement with a US regulator following its data breach in 2017. At least $300m will go towards paying for identity theft services and other related expenses run up by the victims. Read more here.
Don’t miss another news roundup, subscribe to our mailing list and receive a monthly email with essential data protection news and insights. Subscribe here.