LAST WEEK IN PRIVACY & DATA PROTECTION

The Last Week in Privacy & Data Protection is a weekly newsletter provided to you by Data Privacy Recruitment Ltd.In it we gather the most important, business relevant, and generally interesting news articles, court judgments, and professional opinions related to privacy and data protection.

32nd Weekly Newsletter -> 10–17 February 2017

___________________________________________________________________

Sports Retailer Did Not Notify its Employees of Data Breach

Last year sport retailer Sports Direct suffered a data breach which was reported to the Information Commissioner’s Office. The ICO confirmed that it was informed about the incident and was making enquiries. But according to some reports Sports Direct did not notify the staff whose data may have been compromised. If true this is especially problematic, because the attack targeted a system that Sports Direct used to run a staff portal and the breach saw employees’ unencrypted data stolen.

Under the GDPR regime companies will be required to declare a data breach within 72 hours. According to the ICO’s current guidelines, it is important that companies notify individuals who may have been affected by the data breach so that they can take precautions to protect themselves.

Read more HERE

___________________________________________________________________

A29WP Worried About President Trump’s Crack Down on Illegal Immigration

Article 29 Working Party (A29WP) also known as EU’s data privacy watchdogs seeks assurance from U.S. authorities that the new proposed measures by Donald Trump will not render the transatlantic data protection pact invalid. Trump signed an executive order aiming to toughen enforcement of U.S. immigration law, under which the agencies have to “exclude persons who are not U.S. citizens or lawful permanent residents from the protections of the Privacy Act regarding personally identifiable information.” A29WP are particularly concerned about any impact Trump’s order may have on the Privacy Shield framework agreed upon last year and which enables companies to seamlessly transfer EU citizens’ data to the USA.

Read more HERE

___________________________________________________________________

UK ICO Fines Credit Broker

Last week UK Information Commissioner’s Office (ICO) fined a credit broker Digitonomy Ltd £120,000 for sending millions of marketing texts without first obtaining a proper consent. Between April 2015 and February 2016 there were 1,464 complaints about the spam messages which encouraged people to apply for loans and directed them to company websites. Digitonomy used affiliate marketing companies to send out over five million messages offering cash loans as part of a marketing campaign. While Digitonomy did provide examples of the obtained consents, the type of consent was not sifficient for sending marketing text messages because companies must obtain people’s specific permission before doing so.

Read more HERE

Read the Penalty Notice HERE

___________________________________________________________________

Curated by Jernej Mavrič, email: jm@dp-recruitment.com

___________________________________________________________________

Follow us on Twitter @LastWeekInPDP and visit our WEBSITE

For privacy jobs and vacancies follow @dprecruitment