By Simon Rice, Group Manager for Technology
The danger of using weak passwords has been exposed again this month after a new website was launched that allows people to watch live footage from some of the insecure cameras across the world. The website, which is based in Russia, accesses the information by using the default login credentials, which are freely available online, for thousands of cameras. Continue reading
By Christopher Graham, Information Commissioner.
The government has today announced that it wants to make it easier for the ICO to fine companies that make nuisance calls or send spam text messages. But what could that mean in practice?
By Christopher Graham, Information Commissioner
Whether it’s buying a DVD from Amazon, a t-shirt from eBay or a song from iTunes – and then telling our friends about our new purchase on Twitter or Facebook – we are increasingly customers of multinational businesses.
This has many advantages for consumers, of course. But for data protection authorities it does bring the concern that any data breach will bring with it wide-ranging complications. It’s not easy to think global if you can only act local.
That’s exactly what we saw with the Sony case last year. One data breach, one company’s customers, but several different data protection authorities, each applying different domestic laws. Continue reading
By Steve Wood, Head of Policy Delivery.
Names are an essential part of our identity. We use them every day, from conversation with friends to official transactions. They are perhaps the archetypal article of ‘personal data’ and can provide information about other aspects of your life such as ethnic background, religion or gender. So, the decision to change them is normally not taken lightly.
The reasons we do so are varied and can range from personal preference, marriage and divorce to personal safety. For a transgender person, changing his or her name can be one of the earliest steps in the process of transitioning to a different gender and is often one of the first indications to the wider world of this change. Changing a name, and for trans* people, gender can bring up a number of data protection issues that organisations should be careful to get right. Continue reading
By Kai Winterbottom, Group Manager, Good Practice.
There’s no doubt information security incidents in the public sector are big news. We’re approaching £5 million worth of civil monetary penalties issued by the ICO to the public sector, and for every one there’s a tale of negative headlines and undermined public confidence.
This is particularly true for those organisations providing essential services, which so often hold the most sensitive information about us, and that is certainly a category that includes the NHS.
But while fines are the headline-grabbing part of our work, we also work proactively with organisations where they’ve held their hand up to ask for help or come to our attention through complaints and self-reported breaches. Continue reading
By Christopher Graham, Information Commissioner
“News is what somebody doesn’t want you to print,” said William Randolph Hearst, the great American newspaper publisher. “All the rest is advertising,” he added.
But when somebody doesn’t want something printed, what are their privacy rights? What does the law say about press freedom and the right of free expression? How does the law balance the competing rights and obligations? Are data protection and journalism opposites that don’t mix, like oil and water? Or are they in fact complementary?
Twenty years a broadcast journalist and another twenty years as a communications regulator of one sort or another, I’d say that the best journalism works within the law, although it often tests the boundaries. Continue reading
By Andrew Paterson, Senior Technology Officer
Picture yourself coming home from work in twenty years’ time. The house alarm reacts to a signal from your car as you pull up on the drive and turns off. The alarm then triggers the doors to unlock. The doors unlocking tells the lights in your house to come on. You’ve already turned the heating on, using a mobile device while you were at work. All of these processes will have taken place because the devices are connected and able to respond to the others’ actions, based on commands you’ve already given or pre-programmed behaviour.
This trend of increasingly network-connected objects has loosely been termed the Internet of Things. And if you’re not familiar with the phrase already, you soon will be.
As well as offering convenience, the Internet of Things also has the potential to save you money. In the UK, the roll out of smart meters is imminent, giving you the opportunity to see how much power your home is using in real time. The devices will allow you to make choices that will not only be reflected on the display, but also in your bill at the end of the month. Continue reading
Posted in Andrew Paterson
Tagged andrew paterson, data protection, devices, gadgets, Internet of Things, IT, location data, personal information, privacy, security, technology, Which?
By Steve Eckersley, Head of Enforcement.
Sometimes the simplest statements are the strongest: to be an effective regulator the ICO needs effective powers. This is especially true when it comes to battling the complex and continuing problem of tackling nuisance calls and texts. The statistics are staggering: in the last year we received 120,000 concerns regarding unsolicited calls and 30,000 concerns regarding texts. And these, of course, are just a small slice of a much larger issue. Across newspapers, social media and radio the message from the public is loud and clear – please put a stop to the spammers.
Until recently one our most effective tools to reduce the number of complaints and tackle those responsible was the civil monetary penalty, with recent research identifying them as a successful sanction that changed behaviour and improved compliance.