Data Privacy & Cybersecurity

 

Data Privacy & Cybersecurity

Surprise Court of Appeal judgment leaves Morrisons vicariously liable for huge data breach

The increase of large-scale civil litigation is one undeniable consequence of the recent changes in data protection law. One of the most significant recent actions has followed the data breach by Morrisons supermarket, where a disgruntled former employee...

GDPR new password and encryption guidance published

The Information Commissioner’s Office (ICO) has published guidance about passwords and encryption under GDPR. Where passwords are concerned, the guidance gives comprehensive advice on deciding whether password protection is the best option and, if...

ICO brings criminal prosecution for data misuse

In the first case of its kind, the Information Commissioner’s Office (ICO) has successfully prosecuted a man, Mustafa Kasim, under the Computer Misuse Act 1990 (CMA 1990). Mr Kasim, a motor repair technician, has been jailed for six months. He used a...

UK ICO issues warning to Washington Post over cookie consent practices

In a recent report in The Register it was revealed that the Information Commissioner’s Office (ICO) has warned The Washington Post newspaper about infringing the EU General Data Protection Regulation (GDPR) through it’s cookie policy. The ...

No deal Brexit means no data adequacy decision

On 13th November 2018 the European Commission announced that making an adequacy decision in the UK’s favour (i.e. making an official ruling that the UK’s data protection laws were adequate for it to be permitted full rights to continue processing...

Fines escalate over unsolicited emails and data breaches

The Information Commissioner’s Office (ICO) has fined UK marketing firm Everything DM Ltd. £60,000 for sending well over a million marketing emails without sufficient consent. The emails were sent on behalf of clients and appeared to have come...

What about international data transfers if there is a no-deal Brexit?

The UK government’s Department for Digital, Culture, Media & Sport (DCMS) has published guidance on how our laws will work with EU law once Brexit is complete . The guidance does not cover sector-specific requirements such as law enforcement and...

Majority of UK firms not insured against security breaches and data loss

Current estimates are that annual losses to UK businesses from cybercrime exceed £29 billion. Yet research published in the recent Risk:Value report from NTT Security shows that, whilst 81% of the senior executives surveyed believed that adequate...

CYBERSECURITY SERIES: DATA ANONYMISATION

With the increasing concerns around the data held by organisations, questions around how the new GDPR legislation will be interpreted and the impact that this could have on both customer and supplier, many organisations are turning towards anonymisation...

CYBERSECURITY SERIES: INSURANCE

Organisations can typically take steps to “lay off” cyber risk by a combination of the following: Take preventative mitigation measures – pre-event mitigation Lay off risk to third parties under contract – for example, making...
  • Page 1 of 3