This is more of a reminder than anything else. I've already blogged about the risks of a hard Brexit from a data protection compliance perspective, and we've featured it in our October newsletter at Securys. But now the ICO has also said similar things, and the government is moving to "full hard-Brexit preparation". So it's … Continue reading Hard Brexit preparation
We were worried this was going to happen. So much so that we flagged it in our October newsletter. This is section 25 of the European Commission's current draft contingency plan for a no-deal Brexit: Personal data25 In the case of a no deal scenario, as of the withdrawal date, the transfer of personal data … Continue reading Well, there you go. We’re inadequate.
Finally, we begin to see some enforcement of the Regulation we all worked so hard to be ready for by May. The ICO has sent an enforcement notice to - of all people - a Canadian data firm linked to the Brexit vote micro-targeting scandal. The regulator contends that AggregateIQ obtained and processed data without … Continue reading Boom! It begins. ICO posts first GDPR enforcement notice.
Here's another thing people are getting wrong. Just because your data isn't stored inside the EEA - wait, you thought it had to be inside the EU? wrong! - doesn't mean you should panic and repatriate it. What you need to do is check whether wherever you've put it has an adequacy decision. A what? … Continue reading Where’s your data? (Second reprise)
What is it? Despite the name, it’s not a feminine hygiene product. It’s the long-awaited replacement for Safe Harbour, the data protection scheme allowing data on EU citizens to be exported to the US for processing. You can read more on this blog about why Safe Harbour needed replacing. When does it take effect? It … Continue reading Privacy Shield – (some of) what you need to know
Bremain or Brexit? This isn’t a political blog, but it’s worth reminding ourselves of June 23rd’s implications for IT & cyber-security. Privacy and personal data Even if we leave the EU, we’ll still have to implement the General Data Protection Regulation, only to have to re-invent it later. If we want to trade with the … Continue reading In or out – the tech perspective
Just a snippet: Experian, the consumer credit rating agency, is touting itself as the next big thing in targeted marketing. Combine your credit history with some recent transaction data and the claim is they’ll be able to predict your future shopping activity. All sounds a bit Big Brother? Sure, and if you’re in advertising or … Continue reading Stifling innovation or protecting privacy?