What does it take?

I wasn't going to blog about Carphone Warehouse being fined £400k by the ICO for a breach, because boring-boring-you've-done-this-before, but then I couldn't help myself. Carphone's offence? A data breach. Resulting from poor maintenance of cyber security on an internet-facing webserver. You remember TalkTalk? They were fined £400,000 just over a year ago. For a … Continue reading What does it take?

Y2K wasn’t a rip-off; neither is GDPR

If 60’s and 70’s programmers had anticipated that their code would still be in use thirty-odd years later, we wouldn’t have needed a massive effort to fix the installed codebase before the century rolled over. But they didn’t, and we did. A lot of money was spent. The world didn’t end on the 1st of … Continue reading Y2K wasn’t a rip-off; neither is GDPR

What we achieve inwardly will change outer reality

Plutarch said it, so it must be true. “What is this?”, I hear you cry. “Have I stumbled upon some new age contemplative dribble when I was looking for sound advice on cyber-security?”. Well, no. Firstly, Plutarch is hardly new-age and secondly that’s all the philosophy you’re getting. This post is actually about Morrisons. There: … Continue reading What we achieve inwardly will change outer reality

Big fines aren’t the big deal

Uber decided to double-down in its race to the moral bottom. Not content with spying on customers, misleading regulators, employing sex-pests and generally having a toxic corporate culture, the taxi-subsidy service tried to conceal a hack that breached the personal details of more than 57m people, including drivers as well as riders. Much is being … Continue reading Big fines aren’t the big deal

Yay! No more “our team” pages

I’ve been re-reading the Article 29 Working Party’s report on workplace monitoring. I mean, who’d be rockstar when you can have my life? Anyway, I thought this section merited reproduction in full: 5.8 Processing operations involving disclosure of employee data to third parties It has become increasingly common for companies to transmit their employees’ data … Continue reading Yay! No more “our team” pages