DATE December 1, 2020 2:09 pm
POSTED BY Myles Dacres
CATEGORY
Blog
South Korea’s Personal Information Protection Commission (PIPC) has slapped Facebook with a $6.1 million fine for sharing user information without consent. The Korea Communications Commission kickstarted the investigation in 2018 before ultimately handing it off to the PIPC a few months ago. According to Yonhap News, the PIPC determined that...
View Article »
DATE November 27, 2020 10:45 am
POSTED BY Myles Dacres
CATEGORY
Blog
Manchester United are allegedly being held to ransom for millions of pounds by cyber criminals who have crippled the club’s systems. United have brought in a team of technical experts to contain the potentially ‘disastrous’ attack that was launched more than a week ago. T the hackers allegedly still have...
View Article »
DATE November 25, 2020 1:23 pm
POSTED BY Myles Dacres
CATEGORY
Blog
Way back in September the ICO issued its Accountability Framework and the age-appropriate design code of conduct took effect giving operators of information society services until September 2nd 2021 to ensure that their services complied with the 15 principles. The Accountability Framework. The ICO’s Regulatory Action Policy was published setting...
View Article »
DATE November 24, 2020 3:08 pm
POSTED BY Myles Dacres
CATEGORY
Blog
A good deal of Friday and yesterday was spent trying to unravel dataflows and network topography to determine the scope of a customer’s cardholder data environment (CDE). Three interesting channels are currently under scrutiny but today’s job is to get to the bottom of an e-commerce website white labelled by...
View Article »
DATE November 24, 2020 11:53 am
POSTED BY Myles Dacres
CATEGORY
Blog
It’s funny how you remember the first Subject Access Request you ever worked on. It’s like a rite of passage that leaves an indelible mark. The first SAR in question was the first in a spate of inbound SARs back in 2007 when the Outsourced DPO was the outsourced DPO...
View Article »
DATE November 20, 2020 11:03 am
POSTED BY Myles Dacres
CATEGORY
Blog
The decision to leave the EU is causing a period of profound change and uncertainty for British businesses, as we near the end of the transition period, and many things remain unclear in the world of data protection. In the podcast above the DPP consulting unpick the complex issues to...
View Article »
DATE November 19, 2020 10:36 am
POSTED BY Myles Dacres
CATEGORY
Blog
There’s a bit of a debate raging within the consulting team at DPP about the value of privacy and what it will take to persuade the reluctant controllers that they really must comply with the law and really should be taking a best practice approach to privacy management rather than...
View Article »
DATE November 17, 2020 12:42 pm
POSTED BY Myles Dacres
CATEGORY
Uncategorized
The ICO has been cracking down over the last few weeks and some quite substantial fines have been issued. With news like this its clear that now is a good time to look at your own compliance and make sure your business is secure and protected. Recent fines from the...
View Article »
DATE November 17, 2020 9:05 am
POSTED BY Myles Dacres
CATEGORY
Blog
The ICO’s monetary penalty notice issued to Ticketmaster makes interesting if not worrying reading. LOTS of buck passing preceded and arguably slowed identification of the compromise. Indeed, a customer notified Ticketmaster via Twitter about the vulnerability 6 or 7 weeks before Ticketmaster and their incident response team identified it. It...
View Article »
DATE November 16, 2020 11:05 am
POSTED BY Myles Dacres
CATEGORY
Blog
The Outsourced DPO picked up an inbound support ticket this morning querying whether a data processor agreement was still relevant or required amending in light of Brexit and Schrems 2. The processor agreement in question was that issued by the Danish Data Protection Authority, Datatilsysnet which has taken some flak...
View Article »