Organisations that conduct international data transfers have had a frustrating few months. First, the European Court of Justice invalidated the EU–US Privacy Shield, then the UK left the EU without a clear legal basis for transferring personal data. If you’re confused...
Day 371 of the home-working revolution: the rats have comfy new central London homes, small people keep asking me how to do long division and I fear I will never have a Friday fish-and-chip lunch at the pub again. During the...
In the summer of 2018, the incident that privacy obsessives had been waiting for happened: a major data breach, by a household name, in the new GDPR (General Data Protection Regulation) era. Ticketmaster was the victim, having learned that a cyber...
Sooner or later, employees leave – and in almost all cases, they take their organisation’s sensitive data with them. You might think this threat is limited to employees who have been sacked or feel mistreated, but it’s a far more widespread...
Privacy by design is a framework designed to ensure that any new process or tool is designed and built with data privacy in mind. The concept isn’t new, but it has attracted greater attention in recent years as data protection and...
Earlier this month, a former RAC employee was sentenced to eight months’ imprisonment for stealing company data and sharing it with another firm. An ICO (Information Commissioner’s Office) investigation revealed that Kim Doyle transferred RAC customers’ names, mobile phone numbers and...
Seeding is the practice of planting dummy details into a database. Organisations do this so that they can monitor how the information is being handled and identify when it has been misused or breached. The practice is becoming increasingly popular, as...
