All ICO articles
-
Opinion
Fallout from ‘debanking’ scandal suggests more U.K. bank reforms coming
The former CEO of NatWest’s decision to leak client details to the press regarding Nigel Farage is likely to cost the financial industry millions in new compliance checks as U.K. regulators prepare reviews into how banks treat people with extreme political views.
-
News Brief
TikTok fined $15.9M for violations of U.K. GDPR
Social media platform TikTok was fined £12.7 million (U.S. $15.9 million) by the U.K. Information Commissioner’s Office for using the personal data of children without parental consent and other violations of data protection mandates.
-
Premium
U.K. push for GDPR reprimand transparency draws mixed reviews
The U.K. Information Commissioner’s Office began publishing the details of cases where organizations breached the General Data Protection Regulation but were not fined. Legal experts share their take on the initiative.
-
Premium
Ruling in Experian GDPR case thrusts ‘legitimate interest’ into spotlight
Experian won a legal battle against the U.K. Information Commissioner’s Office after the data regulator ordered the credit reference agency to make “fundamental changes” over the way it handled personal data for direct marketing purposes or stop altogether.
-
Article
ICO warns of ‘complacency’ in fining Interserve $5M under GDPR
The U.K. Information Commissioner warned companies not to ignore “crucial measures” to prevent cyber incidents following his office’s decision to fine construction firm Interserve £4.4 million (U.S. $5 million) for failing to secure employee personal information.
-
Article
ICO guidance stresses importance of reasoning in employee monitoring
The U.K. Information Commissioner’s Office issued draft guidance to help ensure employers’ monitoring of staff performance does not turn into surveillance or harassment.
-
Article
Easylife fined $1.5M under GDPR for profiling customers
The Information Commissioner’s Office fined catalog retailer Easylife £1.35 million (U.S. $1.5 million) for marketing health-related products to individuals without their consent in violation of the U.K. General Data Protection Regulation.
-
Article
TikTok facing $29M fine over U.K. children’s privacy violations
The Information Commissioner’s Office warned social media platform TikTok it could be fined £27 million (U.S. $29 million) for failing to protect children’s data in line with the U.K.’s version of the General Data Protection Regulation.
-
Article
EDPS: U.K. GDPR reforms could create friction with EU
The United Kingdom’s keenness to agree to its own data adequacy decisions with countries like the United States could become a contentious issue with the European Union, according to European Data Protection Supervisor Wojciech Wiewiórowski.
-
Article
ICO fines Clearview AI $9.4M over alleged data privacy lapses
The U.K. Information Commissioner’s Office fined Clearview AI more than £7.5 million (U.S. $9.4 million) for collecting people’s images from internet and social media sites without their knowledge or consent.
-
Article
New ICO head strives for reassurance in first speech
John Edwards, head of the U.K. Information Commissioner’s Office, said he wants to bring greater certainty for companies regarding their data compliance needs, especially if the government’s drive to reduce regulatory burdens results in the EU withdrawing its data adequacy decision.
-
Article
Difficult path ahead for new ICO head John Edwards
The United Kingdom’s newly appointed information commissioner, John Edwards, might find it hard to steer a successful path between ensuring citizens’ data rights are preserved while also trying to make U.K. laws more palatable for data-driven business.
-
Article
Clearview AI facing $22.6M fine over U.K. privacy violations
The U.K. Information Commissioner’s Office has warned Clearview AI it could face a £17 million (U.S. $22.6 million) fine over its use of people’s data to power its facial recognition software.
-
Article
U.K. signals divergence from GDPR with new data transfer approach
The United Kingdom announced plans to strike independent data adequacy decisions with key countries—including the United States—as part of its post-Brexit economic strategy.
-
Article
ICO’s first GDPR fine reduced on appeal
The U.K. Information Commissioner’s Office’s fine against pharmacy Doorstep Dispensaree for violations of the General Data Protection Regulation has been slashed approximately two-thirds on appeal to £92,000 (U.S. $126,000).
-
Article
Fines key attention to data privacy from boards, says ICO head
The threat of fines has done more to focus boardroom attention on data privacy and effective cyber-security than any other measure, U.K. Information Commissioner Elizabeth Denham believes.
-
Article
‘An invaluable asset’: Participants praise opportunity for feedback via GDPR sandboxes
Regulatory sandboxes launched by EU data protection authorities provide firms the opportunity to collaborate and make use of the regulator’s expertise to reduce GDPR compliance risks.
-
Article
Trio of U.K. fines expose third-party risks under GDPR
Recent GDPR fines against British Airways, Marriott, and Ticketmaster by the U.K. Information Commissioner’s Office each saw the regulator dismiss claims by the companies that third parties were primarily responsible for the data breaches in question.
-
Article
Ticketmaster UK fined $1.6M under GDPR for 2018 data breach
The U.K. Information Commissioner’s Office fined Ticketmaster £1.25 million (U.S. $1.6 million) for its failures relating to a 2018 data breach by a third party.
-
Article
BA, Marriott fine reductions latest wrench in GDPR enforcement harmony
Lack of clarity on fines has dogged the GDPR since it took effect in May 2018, and the recent dramatic penalty reductions handed down by the U.K. in the cases of British Airways and Marriott certainly won’t help.