The Information Commissioner’s Office (ICO) spent the summer flexing its newly acquired GDPR muscles, with one of its primary targets, Marriott International Inc. (“Marriott”) subject to an intention to fine notice of £99,200,396 for infringements of the regulation.
Marriott and BA fined by ICO – what the message is:
There was a naïve hope that the ICO would approach enforcing the new GDPR as gently as it had initially approached the same under the DPA, way back in 1998; some gentle fines and reminders to comply with the law, but basically, as long as you “had a go”, tried to comply, that would be acceptable.
This time last year, the General Data Protection Regulation (GDPR) took effect. Since then, it has undoubtedly been the busiest year to date in data protection compliance. Official figures from the International Association of Privacy Professionals show 375,000 newly registered Data Protection Officers, 280,000 new cases referred to regulators and $56,000,000 worth of fines issued in enforcement actions.
Can an organisation be liable for a GDPR breach by a disgruntled employee?
Breaches of GDPR could give rise to claims by those whose data has been misused, but can an organisation still be liable for breaches which occur as a result of the malicious actions of a disgruntled employee? Who ultimately holds responsibility for ensuring adherence to the Regulation?
e-Privacy Regulation set to follow in the footsteps of GDPR
With GDPR in full swing, marketers are well-versed in the rules around protecting consumer data and the rights concerning consent to personal data use. However, the upcoming e-Privacy Regulation is not yet on the radar of many, posing yet another risk to the way marketers will need to refine their policies to understand the use of personal data and privacy protection through electronic communications.
The European Union’s General Data Protection Regulation (GDPR) which came into force on 25 May 2018 has brought significant new challenges for brand owners, in terms of their ability to enforce trade mark rights.
With less than one month to go until the General Data Protection Regulation applies we know that GDPR is high on everyone’s agenda. It’s never too late to start to think about data protection, and 25 May will mark a significant date in what should be an ongoing journey of compliance.
Whether it’s Facebook in the hot seat over Cambridge Analytica or Messenger consents or councils being fined for data breach, barely an edition of the national press or legal news passes at the moment, without at least one article about data privacy, data security and/or the General Data Protection Regulation (“GDPR”).
GDPR - The top 7 myths we've heard from other businesses
With less than two months to go until the GDPR comes into force we decided to look at some of the most common myths that are coming up in many of our conversations with other businesses. Perhaps you've got some of the same concerns?