Data Protection News Roundup – 29th September 2020

The Data Guardians’ Managing Director and lead consultant Matthew Lamb is a Certified Data Protection Officer and Cyber Risk Management Practitioner. Get in touch with us to ask about how we can help you with your GDPR and Data Protection Act compliance as well as addressing your Cyber Security issues.



The government has released its new data strategy report which promises a “transformation” of the UK’s data protection laws. Brussels has reportedly warned that the plan could endanger future cooperation with the EU. Read more here.


Coronavirus Response

Last week the NHS Covid-19 contact tracing app was launched in England and Wales. The app uses a framework developed by Apple and Google with data stored on an individual’s device rather than in a centralised database meaning that users can delete their data at any time and “nobody will know who or where you are”. Apple and Google have assured users that “privacy, transparency, and consent are of utmost importance”. Read more here.


Data Breaches

Following last month’s accidental data breach by Public Health Wales of 18,000 people who tested positive for Covid-19, the Welsh Government and PHW have launched an independent investigation. Read more here.

Basingstoke and Deane Borough Council has reported itself to the ICO following a data breach whereby a sharepoint site featuring housing customer data, intended just to be used by members of one team, was accidentally shared to other council employees and elected councillors. The ICO will take no further action. Read more here.

Airbnb hosts may have had their personal data, including addresses and the codes to rental homes, exposed to other users following a technical issue that resulted in a small subset of users inadvertently viewing limited amounts of information from other users’ accounts. Airbnb said it fixed the issue quickly and is implementing additional controls to ensure it doesn’t happen again. Read more here.


Other News

The ICO has fined a company for sending over 16,000 cold, nuisance marketing texts to UK consumers between February and April this year in an effort to sell hand sanitiser. The ICO said the company, Digital Growth Experts Limited, “flouted the law in order to profiteer from the coronavirus pandemic”. Read more here.

Facebook and Instagram have said that if the Irish Data Protection Commissioner enforces the European Court of Justice Schrems II ruling that means transferring user data between Europe and the US breaches the GDPR, they are not certain they will be able to continue to provide their services in the EU. Read more here.

Don’t miss another news roundup, subscribe to our mailing list and receive a monthly email with essential data protection news and insights. Subscribe here.

Leave a reply

You must be logged in to post a comment.