All Information Commissioner's Office articles
-
ArticleFines key attention to data privacy from boards, says ICO head
The threat of fines has done more to focus boardroom attention on data privacy and effective cyber-security than any other measure, U.K. Information Commissioner Elizabeth Denham believes.
-
Article
Trio of U.K. fines expose third-party risks under GDPR
Recent GDPR fines against British Airways, Marriott, and Ticketmaster by the U.K. Information Commissioner’s Office each saw the regulator dismiss claims by the companies that third parties were primarily responsible for the data breaches in question.
-
Article
Ticketmaster UK fined $1.6M under GDPR for 2018 data breach
The U.K. Information Commissioner’s Office fined Ticketmaster £1.25 million (U.S. $1.6 million) for its failures relating to a 2018 data breach by a third party.
-
Article
BA, Marriott fine reductions latest wrench in GDPR enforcement harmony
Lack of clarity on fines has dogged the GDPR since it took effect in May 2018, and the recent dramatic penalty reductions handed down by the U.K. in the cases of British Airways and Marriott certainly won’t help.
-
Article
Anatomy of a 90% fine reduction: How BA saved $200M on GDPR penalty
The U.K. Information Commissioner’s Office agreed to slash its intended GDPR fine for British Airways from £183.39 million (U.S. $230 million) to just £20 million (U.S. $26 million). What was behind the massive reduction?
-
Article
How far is too far with employee monitoring? Barclays case could offer litmus
The U.K. Information Commissioner’s Office is investigating allegations that Barclays Bank had effectively been spying on employees by using an intrusive software system that monitored workers’ activity.
-
Article
Virgin Media could face GDPR pressure after data breach
Virgin Media is likely to be in the GDPR crosshairs after disclosing a recent breach that affected approximately 900,000 customers to the U.K.’s data regulator.
-
Article
GDPR and the elevated role of compliance
The hefty compliance requirements of GDPR are going to require companies to figure out how to separate personal data from the ability to link that data to a specific person. Easier said than done, writes Jaclyn Jaeger.
