Data Protection News Roundup – 22nd September 2020

The Data Guardians’ Managing Director and lead consultant Matthew Lamb is a Certified Data Protection Officer and Cyber Risk Management Practitioner. Get in touch with us to ask about how we can help you with your GDPR and Data Protection Act compliance as well as addressing your Cyber Security issues.


Coronavirus Response

The ICO has published data protection guidance for organisations mandated to collect customer and visitor information. Find the guidance here.


Data Breaches

The details of more than 18,000 people who tested positive for coronavirus were published online by mistake by Public Health Wales. The health body said the data of 18,105 Welsh residents was viewable online for 20 hours on 30 August. Most cases gave initials, date of birth, geographical area and sex, meaning the risk of identification was low, Public Health Wales (PHW) said. Read more here.

93% of companies surveyed suffered data breaches through outbound email in the last 12 months, according to a study from security firm Egress, conducted by Arlington Research.

The National Cyber Security Centre has issued an alert that there has been an increased number of ransomware attacks affecting schools, colleges and universities in the UK. Read more here.


Other News

The National Institute for Clinical Excellence (NICE) is under fire over plans that would see a woman’s alcohol consumption during pregnancy automatically recorded on their child’s medical records. According to reproductive charity the British Pregnancy Advisory Service (BPAS) such a move would be in contravention of GDPR and the Data Protection Act 2018, as any data collected would be shared with a third party without consent. Read more here.

YouTube is facing a legal battle for allegedly breaching the privacy and data rights of under-13s in the UK. A claim lodged with the High Court against parent company Google accuses the firm of collecting children’s data without parental consent. Damages of more than £2bn are being sought for about 5 million British children as well as their parents or guardians. Read more here.

Tech firms have been urged to stop advertising to under-18s in an open letter signed by MPs, academics and children’s-rights advocates. Behavioural advertising not only undermines privacy but puts “susceptible” youngsters under unfair marketing pressure, the letter says. Read more here.

Consumer watchdog Which? Has found that companies in the UK aren’t doing enough to protect their customer from having their information stolen and sold on following a data breach. In a nationwide survey, the organisation found that 46% of people whose data was stolen by hackers then went on to experience fraud. Read more here.

According to a new report from Sharp UK, a third of SMB owners admit to providing no cyber security training or resources to employees. The report also found that 48% of respondents are concerned about possible phishing attacks and 40% are concerned about the impact of ransomware. Read more here.

Facebook is seeking to block EU regulators from forcing it to suspend transatlantic data transfers in the wake of the Schrems II ruling. Facebook has applied to judges in Ireland to seek a judicial review of a preliminary suspension order. Read more here.

Don’t miss another news roundup, subscribe to our mailing list and receive a monthly email with essential data protection news and insights. Subscribe here.

Leave a reply

You must be logged in to post a comment.