ICO had a busy 2018 with the ten largest fines totaling about £5,000,000 and also the first ICO fines levied at the maximum amount for Facebook and Equifax.
As much as Facebook would like to sweep the Cambridge Analytica data scandal under the rug, signs continue to mount that the company is still playing fast and loose with user data. All this raises the question of whether the 2011 FTC settlement that resulted in an 8-count consent decree actually went far enough.
UK's ICO is increasingly active in their efforts to reduce offences in anti-spam regulations and data breaches. In 2017, we witnessed an annual rise in fines of nearly 69 percent, from £2.9 to £4.9 million. A total of 104 companies has been fined a total of £8.7 million for failures since August 2015.
In this final instalment of an ongoing series on the issues that affect compliance in an ever more complex world Teresa Troester-Falklooks at how organisations can demonstrate compliance using an accountability approach.
In this, the final instalment in the series, Pauline C. Reich, Professor and Director of the Asia-Pacific Cyberlaw, Cybercrime and Internet Security Research Institute at the Waseda University School of Law in Tokyo, Japan examines the implications of the recent US v. Apple case in terms of disclosure requirements in…
The use and disclosure of personal data for direct marketing purposes is strictly regulated in Hong Kong with more severe consequences for non-compliance than other breaches of Hong Kong privacy law, and is often found to be significantly more onerous than in other jurisdictions. This article summarises some of the key…
As personal data protection continue to challenge companies it is becoming apparent that the commissions and other structures that police these issues have become impatient with organisations that are not complying with recommendations. For the first time those companies which have suffered a data breach and been found…
South Korea has had a difficult run of data security breaches. The country has stepped up its data privacy regulation and is backed by extensive enforcement measures. What is the basic structure, its key features and enforcement measures? What are the recent changes and their implications?