data protection – Page 2

Fines, Enforcement and good faith

We then considered enforcement trends. The total number of fines is going up; the maximum under the DPA is £½ m, the maximum under the GDPR will be €20m or 4% of global turnover. Today the ICO can fine under two laws, the Data Protection Act and the Privacy and Electronic Communication Regulation (PECR), which regulate Data Controllers and Processors and direct mailing houses respectively. The ICO have taken more interest in the DPA since they gained fining powers. This note looks at the record in court, the change in enforcement powers, and notes that the preponderance of fines have been levied due toinadequate technical protection. …

The coming of the GDPR

Earlier this month I posted a blog on my Employer’s web site categorising what I see as the five key challenges, of recording consent, private by design, compliance record keeping, adequate technical protection and public accountability. …

Coming Privacy Law

Yesterday, attended a session convened by the BCS North London branch, called “Data Privacy – How Private is IT?” The presentation was given by two PWC staff members in two parts, the first was a forward looking review at the proposed EU Data Protection Regulation by Kyrisia Sturgeon and the second part a scenario based exploration of good data protection practice led by Pragasen Morgan. To me the coming key changes in the law are that all companies will need to have a qualified data protection officer, and it implements a right to be forgotten, or more accurately a right to be unindexed. …