Boom! It begins. ICO posts first GDPR enforcement notice.

Finally, we begin to see some enforcement of the Regulation we all worked so hard to be ready for by May. The ICO has sent an enforcement notice to - of all people - a Canadian data firm linked to the Brexit vote micro-targeting scandal. The regulator contends that AggregateIQ obtained and processed data without … Continue reading Boom! It begins. ICO posts first GDPR enforcement notice.

Why do we need data protection laws?

Here's why: https://www.bloomberg.com/news/articles/2018-08-30/google-and-mastercard-cut-a-secret-ad-deal-to-track-retail-sales Short version - if you buy something in a US store with your Mastercard, they tell Google about it. Google then reconciles your purchase with your advertising exposure while logged in with a Google account, and sends a report to advertisers to show how on-line ads drive offline sales. This is, of course, … Continue reading Why do we need data protection laws?

The ICO reads my blog!

[Link updated as the ICO has moved its blog] On the 25th of April, I wrote GDPR: you're all getting it wrong. On the 9th of May, Steve Wood (the Deputy Commissioner) wrote this: https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2018/05/blog-raising-the-bar-consent-under-gdpr/ See? I may be a voice in the wilderness, but I'm not (always) wrong.

What does it take?

I wasn't going to blog about Carphone Warehouse being fined £400k by the ICO for a breach, because boring-boring-you've-done-this-before, but then I couldn't help myself. Carphone's offence? A data breach. Resulting from poor maintenance of cyber security on an internet-facing webserver. You remember TalkTalk? They were fined £400,000 just over a year ago. For a … Continue reading What does it take?

Y2K wasn’t a rip-off; neither is GDPR

If 60’s and 70’s programmers had anticipated that their code would still be in use thirty-odd years later, we wouldn’t have needed a massive effort to fix the installed codebase before the century rolled over. But they didn’t, and we did. A lot of money was spent. The world didn’t end on the 1st of … Continue reading Y2K wasn’t a rip-off; neither is GDPR

What we achieve inwardly will change outer reality

Plutarch said it, so it must be true. “What is this?”, I hear you cry. “Have I stumbled upon some new age contemplative dribble when I was looking for sound advice on cyber-security?”. Well, no. Firstly, Plutarch is hardly new-age and secondly that’s all the philosophy you’re getting. This post is actually about Morrisons. There: … Continue reading What we achieve inwardly will change outer reality