Over the last couple of days, I have posted two articles to my linked in blog, one on the nature of pictures/images as personal data (it is, it’s also special), the earlier is on my 5 things to do for GDPR compliance. …
Fines, Enforcement and good faith
We then considered enforcement trends. The total number of fines is going up; the maximum under the DPA is £½ m, the maximum under the GDPR will be €20m or 4% of global turnover. Today the ICO can fine under two laws, the Data Protection Act and the Privacy and Electronic Communication Regulation (PECR), which regulate Data Controllers and Processors and direct mailing houses respectively. The ICO have taken more interest in the DPA since they gained fining powers. This note looks at the record in court, the change in enforcement powers, and notes that the preponderance of fines have been levied due toinadequate technical protection. …
The coming of the GDPR
Earlier this month I posted a blog on my Employer’s web site categorising what I see as the five key challenges, of recording consent, private by design, compliance record keeping, adequate technical protection and public accountability. …
The coming Chief Privacy Officer
I was asked to contribute to an article on the new legal framework surrounding Data Protection Officers (DPO). I was pleased they took what I consider to be one of the critical contributions I offered, that “Privacy by Design” is a requirements management problem. …
Coming Privacy Law
Yesterday, attended a session convened by the BCS North London branch, called “Data Privacy – How Private is IT?” The presentation was given by two PWC staff members in two parts, the first was a forward looking review at the proposed EU Data Protection Regulation by Kyrisia Sturgeon and the second part a scenario based exploration of good data protection practice led by Pragasen Morgan. To me the coming key changes in the law are that all companies will need to have a qualified data protection officer, and it implements a right to be forgotten, or more accurately a right to be unindexed. …