- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Neil Hodge2023-11-16T15:54:00
In a rare move, the U.K.’s data regulator clarified former NatWest Chief Executive Alison Rose did not breach the General Data Protection Regulation (GDPR) when she briefed a journalist about the bank’s decision to ax the account of right-wing commentator Nigel Farage.
On Nov. 6, the Information Commissioner’s Office (ICO) issued a public apology to Rose for inferring she breached the GDPR for releasing details about Farage’s accounts and that she—rather than NatWest—was under investigation for it.
Organizations that control personal data are generally the subject of data protection law. As such, NatWest—not Rose—is the “data controller” and therefore subject to ICO oversight.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Register for free
Access one free, non-premium article each month.
Complimentary CPE webcasts, resources, and e-Books.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
The Information Commissioner’s Office updated its data protection fining guidance to provide companies with greater transparency and clarity about how and why it would issue penalties for a breach of the U.K. General Data Protection Regulation or Data Protection Act 2018.
An independent review into how NatWest handled the closure of politician Nigel Farage’s Coutts account uncovered potential regulatory breaches by the bank that are on the radar of the U.K. Financial Conduct Authority.
The furor over NatWest Group’s decision to monitor and close the account of right-wing Brexit campaigner Nigel Farage—and then disclose the details to a journalist—has raised questions regarding whether other banks employ the same means to get rid of undesirable customers.
Big Tech firms might need to rethink their plans to charge users for not selling their personal data for behavioral advertising following a decision by Europe’s primary data regulator.
The California Privacy Protection Agency warned businesses to stop asking for excessive information from consumers who have requested to opt out of having their data collected or who are otherwise exercising their privacy rights under the California Consumer Privacy Act.
The U.S. Department of Transportation is looking to thwart the nation’s 10 largest airlines from monetizing passenger data or selling it to third parties.
