Charities rely on personal data more than ever before, whether they are processing a donation, running a fundraising event, or providing services. Supporters and service users must give their personal data to you; in some cases, such as prospect research, you will gather the data indirectly, form publicly-available sources. In all cases, trust is key. Two …
With the news that the changes to ePrivacy law have now been delayed until 2020, now is a good time to evaluate whether your organisation’s practices are already in line with existing electronic privacy law. The ePrivacy Regulation is likely to strengthen the current provisions of PECR in similar ways to which GDPR strengthened previous …
What would you say? 20 questions from the ICO The findings from the ICO’s latest Information Risk reviews highlight the many and varied areas that data protection risk touches upon. We turned the findings into the 20 key questions you should ask yourself about data protection at your organisations. Do you have a clear Data …
On the 1st of August a hugely popular website, Reddit, announced that it had been hacked. If you’ve not seen it, Reddit is a vaguely social network (explored further below) where registered members can post links, news and discuss almost anything on a series of message boards. Users need an email address and password but are seemingly anonymous …
In all the hyperbole and misinformation surrounding the General Data Protection Regulation (GDPR) in recent weeks, it may have been easy to miss the UK passing its own updated data protection legislation – the imaginatively titled Data Protection Act 2018 (the Act), which helpfully also came into force on 25th May. This replaces the Data Protection Act 1998, which has …
Data Protection Act 2018- What Does It Mean To You?Read More »
One of the key aspects of data protection law is the concept of Data Controllers and Data Processors. In advance of the GDPR enforcement date (25th May), many organisations are seeking to review, update and amend their agreements with suppliers and partners, to ensure that the documentation doesn’t undermine their compliance with GDPR. For GDPR …
Unless you have been living under a rock for the past few weeks, you will have noticed that Facebook’s business practices have been coming under the microscope of public scrutiny. It’s been well-known for a long time among the data protection and marketing communities that Facebook operates by harvesting, generating and acquiring large amounts of …
Facebook and ‘CA’ – not Cambridge Analytica, but Custom AudiencesRead More »
Under powers granted under the DPA 1998, organisations that process personal data had fees levied to fund the ICO’s data protection work unless they were exempt. When GDPR comes into force on 25th May 2018, this will change. The Existing System Under the existing fee structure, most organisations, including charities are required to pay a …
Not App-y Last week, Digital Minister Matt Hancock MP, released an app aimed at members of his constituency, to help them engage and raise subjects of interest with him as their MP. However, within a few hours of its release, it became evident that the app had major flaws which posed a threat to privacy …