October and November have seen two significant pieces of GDPR enforcement action in Europe with the supervisory authorities in Germany and Austria both issuing multi-million Euro fines for breaches of the GDPR principles. Germany In Germany, the Berlin Data …
Category Archives: Consent
Facial Recognition, Privacy and the GDPR
Categories: Consent, GDPR, Guidance, ICO, SecurityBy Rowenna Fielding Is that a face? Humans are wired to perceive faces – there’s even a name for our tendency to see faces in things that are not people (it’s called ‘pareidolia’), but we have an understanding of context …
GDPR: the seven principles to follow
Categories: Breach, Consent, Data Protection Act 2018, GDPR, ICOLeading up to May 2018 there was a lot of coverage of the incoming GDPR Data Protection (DP) legislation. Organisations of all sorts knew that something needed to be done but weren’t always sure what it was. Consequently, as a …
NHS Foundation Trust leaks patient email addresses
Categories: Consent, Data Protection Act 2018, Data Sharing, GDPR, ICOOn the 6th September the Tavistock and Portman Clinic sent out an email inviting just under 2,000 patients to participate in an art competition. Unfortunately for the clinic, all the email addresses leaked, visible to all the recipients. An initial …
GDPR Webinar – 1 year on, how has case law evolved?
Categories: Consent, Fines, GDPR, TransparencyGDPR Webinar recording now available – click here! In this GDPR webinar, we will look at the latest data protection enforcement action and case law emerging in the UK and across Europe, the issues arising and how to avoid similar …
Facebook CA – Controversy Alert!
Categories: Breach, Consent, GDPR, GuidanceBack in April 2018 we published an insight piece on the lawful basis for using Facebook’s Custom Audiences tool, in which we concluded that relying on legitimate interests as a lawful basis for the use of this feature was unlikely …
5 common mistakes made with DPIAs
Categories: Breach, Consent, Data Protection Act 2018, Data Sharing, GDPR, Guidance, ICO, Public Information, Security, Transparency, UncategorizedWe have outlined 5 common mistakes made with DPIAs. With the GDPR, a DPIA, or ‘Data Protection Impact Assessment’ has moved from being a good practice recommendation to being a mandatory activity for some kinds of personal data processing. The …
5 Tips for Incident Management
Categories: Accuracy, Breach, Brexit, Charities, Charities: ICO, Consent, Data Protection Act 2018, Data Sharing, DFE, Fines, Fundraising, GDPR, Guidance, ICO, Public Information, Security, Transparency, UncategorizedThis article is not a guide about how to handle a notifiable breach. By now, you’re all familiar with the ICO Guidance on that. This piece is about the day to day handling of incidents based on over a decade …
We all know about PECR, right?
Categories: Accuracy, Breach, Charities, Charities: ICO, Consent, Data Protection Act 2018, Data Sharing, Events, Fines, Fundraising, GDPR, ICO, Security, TransparencyAt the Protecture seminar on e-Privacy at the end of November, Rowenna Fielding reminded us that PECR is about more than just consent for electronic direct marketing. I don’t think that Rowenna meant to alarm anyone, just a gentle poke …
Launch of the IRMS Third Sector Retention and Disposal Toolkit
Categories: Accuracy, Breach, Charities, Charities: ICO, Consent, Data Protection Act 2018, Data Sharing, Events, Fundraising, GDPR, Guidance, ICO, Security, TransparencyThe Information and Records Management Society (IRMS) and Protecture were delighted to formally launch the IRMS Third Sector Retention and Disposal Toolkit and Schedule at an event in Central London last week. Attendees from a number of charities, not-for-profits and …