Brexit: six months and counting

In the midst of a global pandemic it’s easy to lose sight of any other news stories. Especially when the story in question is not news, but olds. Brexit is, like, so pre-Covid. But Brexit is still happening, and hidden beneath it is a potential elephant trap for anyone in the UK who trades digitally with Europe. The transition … Continue reading Brexit: six months and counting →

Back to the new normal: privacy, HR & Covid

What do privacy professionals and HR managers need to think about in the context of HR as we plan the return to normal after Covid?

So now what?

How are you going to balance marketing and data privacy when things return to normal?

Don’t dig the hole deeper

Everyone seems to be doing it. How many emails have you received this week with a "Covid-19 update" subject line? Sent by businesses you might have had some kind of contact with at some point in the last 10 years. Dressed up as service emails - even though you don't actually have any kind of … Continue reading Don’t dig the hole deeper →

Privacy still matters

Please, if you're working with personal data as part of the Covid19 response, whether as an employer, a healthcare professional, a privacy specialist or a data scientist, try to think about the possible long term harm you could be causing as you try for short-term good.

Deus ex machina

Since Plato, philosophers have invested countless hours and words on the investigation of ethics. What makes something right or wrong? What do we mean by acting morally or immorally – or indeed amorally. Are good and bad fixed and objective facts, or just opinions relative to your culture, your religion, your circumstances, your place in … Continue reading Deus ex machina →

Ten steps to avoid losing £283m

Only yesterday we saw the first proper fine of the post-GDPR era. A mere £183m. Today we hear that the ICO also intends to fine Marriott hotels just under £100m. More than a quarter of a billion pounds in 48 hours. For context, in the whole of last year the total fines for data protection … Continue reading Ten steps to avoid losing £283m →

It’s time to get ethical

Anyone who cares about privacy has been waiting for the signal to start taking the new Data Protection Act seriously. Frankly, after the big rush to get "GDPR-ready" by May of last year, most organisations seem to have returned privacy to the too-hard pile. Very few have done anything to embed privacy as a living … Continue reading It’s time to get ethical →

Bought-in lists are dead

The ICO has fined a pensions advisor £40k for sending nearly 2m spam emails. So far, so nobody-cares-about-PECR[i]. In fact the fine is pretty low for an infringement of this size. Why? Because the Grove Pension Solutions checked their proposed marketing scheme with a “recognised specialist data protection consultancy” and an “independent data protection solicitor” … Continue reading Bought-in lists are dead →

Who’s in control? (wonkish)

Bit of a technical one for the privacy nerds here. There's an interesting update from the ECJ: The Advocate General proposes to rule that under the Data-Protection-Directive the operator of a website who has embedded on its website a third-party plugin (such as the Facebook Like button), which causes the collection and transmission of the user’s … Continue reading Who’s in control? (wonkish) →