CNIL – causes of reported data breaches (May – October 2018)

The CNIL (the French Data Protection Authority) received 742 notifications of personal data breaches (and see the original report in French) that affected over 33 million individuals located in France or elsewhere. 695 related to confidentiality breaches. The accommodation and food services sector had the highest number of breaches – 185. This is due to a specific case… Read More

Legitimate Interests – 3 part test

Legitimate interests (LI) is one of the lawful basis for processing personal data. The ICO say it is appropriate “where you use people’s data in ways they would reasonably expect and which have a minimal privacy impact, or where there is a compelling justification for the processing”. The three parts to the test to identify a LI have been… Read More

Anyone talking about GDPR should include this slide! #ourGDPRstatus

It isn’t hard to find an event at the moment that is specifically about GDPR or includes sessions to cover different aspects of it. With so many companies talking about it and promoting products and services to help prepare for May 2018, you would think/hope they would be the ones that are well on their way… Read More

Will marketing make companies miss the May 2018 GDPR deadline?

We all do marketing to make us stand out from the competition and show the compelling reasons to have the product or service we provide. But sometimes a marketing message doesn’t give the complete picture. For the General Data Protection Regulation (GDPR), this could lead companies to believe they comply but actually have several outstanding issues to address.… Read More

Why keeping information secure is much more than an IT issue

When I ask business owners what they are doing to keep their business information secure, the vast majority say it is an IT issue and I should talk to their IT team or the company used to maintain their IT systems. But what about dealing with risks from your staff, lack of adequate physical security or keeping… Read More

The outlook is Cloudy with possible spells of data protection issues

This isn’t a blog about the weather, but some people may be in for a stormy time if they use apps or services that don’t have good data protection measures in place. The majority of us now use ‘the Cloud’ to provide services or store data. The main players seem to have good data protection policies… Read More

Self-assessment tool to help SMEs with Data Protection

The Information Commissions Office has launched a self-assessment tool to help small and medium-sized enterprises (SMEs) assess their compliance with the Data Protection Act and the key obligations for processing their customers’ or clients’ personal information. Anyone who processes personal information must comply with eight principles of the Data Protection Act, which make sure that… Read More

Sharing too much on social media can be bad for you

Every few months there are stories about criminals taking information from social media sites to commit some type of ‘identity theft’ crime. The majority of stories are not very specific about the impact, or the impact is in an area that would not concern many people. But what if someone can take out a credit… Read More

Windows 10 privacy settings

Windows 10 launched with little of the fanfare seen in previous launches, but those who wanted it already knew when it was coming and were poised to start downloading it. One report said Microsoft hit a maximum bandwidth of 15 Tb/s, ahead of the previous record of Apple’s 8 Tb/s during their last OS push.… Read More