Data Sharing

Cookie D’oh!

With the news that the changes to ePrivacy law have now been delayed until 2020, now is a good time to evaluate whether your organisation’s practices are already in line with existing electronic privacy law. The ePrivacy Regulation is likely to strengthen the current provisions of PECR in similar ways to which GDPR strengthened previous …

Cookie D’oh!Read More »

What would you say? 20 questions from the ICO

What would you say? 20 questions from the ICO The findings from the ICO’s latest Information Risk reviews highlight the many and varied areas that data protection risk touches upon. We turned the findings into the 20 key questions you should ask yourself about data protection at your organisations. Do you have a clear Data …

What would you say? 20 questions from the ICORead More »

Facebook and ‘CA’ – not Cambridge Analytica, but Custom Audiences

Unless you have been living under a rock for the past few weeks, you will have noticed that Facebook’s business practices have been coming under the microscope of public scrutiny. It’s been well-known for a long time among the data protection and marketing communities that Facebook operates by harvesting, generating and acquiring large amounts of …

Facebook and ‘CA’ – not Cambridge Analytica, but Custom AudiencesRead More »

A Wealth of Data – Using Public Information

The latest investigation by the Daily Mail into the use of publicly-available personal information has hit the headlines. This time, the activities of university alumni and development teams is under the spotlight. Sadly, it’s the same mixture of issues first aired into the conduct of charities back in late 2016. The article has the same, …

A Wealth of Data – Using Public InformationRead More »

Changes to the ICO Subject Access Code of Practice

The right of an individual to be told whether an organisation is processing their personal data and be given access to that data (“subject access”) is a significant one in data protection law, and was the most common type of concern reported to the ICO in 2016/17. Following the resolution of the legal cases dealing …

Changes to the ICO Subject Access Code of PracticeRead More »

Updating consent – implications of the Flybe and Honda fines

On 27th March 2017, the ICO issued Monetary Penalty Notices to Honda and Flybe, having determined that their approaches to confirming customers’ contact details and marketing preferences were not compliant with PECR (The Privacy & Electronic Communications Regulations 2003). Since these fines were issued, there has been some concern about whether this means that verification …

Updating consent – implications of the Flybe and Honda finesRead More »

Fifty Shades of Screening – Fundraising and Regulatory Compliance

The ICO’s new guidance addresses key questions that remained unanswered following the RSPCA and BHF fines: Do you need consent to undertake wealth screening? Is it compliant to use publicly available personal information for fundraising purposes? First, this is a complicated area of law…so don’t believe everything you read: the Data Protection Act (DPA) is …

Fifty Shades of Screening – Fundraising and Regulatory ComplianceRead More »

First fundraising data protection fines – secrecy and sharing at the heart of poor practice

The ICO has published initial details of the fines handed to the Royal Society for the Prevention of Cruelty to Animals (RSPCA) and British Heart Foundation (BHF). The charities’ approach to wealth screening; data / tele-matching and data sharing triggered the fines. The ICO exercised considerable discretion to significantly reducing the fines – in recognition …

First fundraising data protection fines – secrecy and sharing at the heart of poor practiceRead More »

Police want right to see medical records without consent

This interesting article appeared recently (Sunday 10th August 2014). Sir Peter Fahy, the Greater Manchester chief constable, talks about the Police needing new and expanded rights to access medical records and other confidential data without an individual’s consent. At present, the police (like any other agency or body) can request access to someone’s personal information …

Police want right to see medical records without consentRead More »

Scroll to Top