The cyber attack stemmed from a phishing email and impacted some 113,000 people. The government supplier was also faulted for not following up on an antivirus alert as well as having outdated systems and inadequate staff training in place.
UK ICO has reached a provisional finding that TikTok failed to protect children's privacy from 2018 to 2020. If this finding holds up, TikTok could be on the hook for a £27 million fine.
New Data Protection Standards for Adtech Companies Proposed by UK ICO, But Actual Changes Remain Questionable as Leadership Changes Hands
A new Commissioner's Opinion issued by the UK's ICO reiterates the country's data protection standards and lays out its vision of future regulation plans for adtech companies.
Issuing GDPR Fines Is One Thing, Collecting Them Is Another; UK ICO Struggling To Enforce Actions as 74% Of Penalties Remain Unpaid
Issuing GDPR fines is just the first step of the process; at some point they have to be collected, and the UK ICO is struggling to do that with only a 26% success rate.
UK ICO Commissioner’s Plan To Address “Endless” Cookie Popups Resembles Browser “Do Not Track” Initiatives
Outgoing UK Information Commissioner Elizabeth Denham has suggested a shift in focus from individual cookie popups at each website to regulation of browsers and devices as the source of expressing user tracking preferences.
The 2018 Marriott data breach was one of the biggest of its type in history, and was initially looking at receiving one of the biggest fines of £99 million. However, the UK ICO has reduced the penalty to £18.4 million.
UK ICO Takes Action Against Experian for Data Broking Practices; “Invisible” Personal Data Processing Must Be Reformed Within Nine Months
Experian’s data broking department providing marketing analytics is in trouble with the UK ICO, requiring it to make major changes to its direct marketing services.
UK ICO Levies GDPR Fine of £20 Million for British Airways 2018 Data Breach, Substantially Less Than the Initial £183 Million
One of the largest GDPR fines to date, the UK ICO's decision found that the travel giant was negligent due to ‘poor security arrangements’ creating a hole that was exploited for two months.
UK ICO is investigating claims of employee surveillance that include using tracking software to determine when and for how long employees were away from their desks.