Closing the back door on nuisance call directors

By Andy Curry, Enforcement Group Manager.


Since the government changed the law in April 2015 to make it easier for us to fine the companies behind nuisance calls, we’ve issued more than £2.7 million in penalties.

It’s a figure that sends out a clear message that the companies behind this nuisance will be held to account.

Continue reading

Posted in Andy Curry | Tagged , , , , | 1 Comment

Transparency, innovation and building a culture of data confidence and trust

By Jo Pedder, Interim Head of Policy Delivery.


It is often argued that if people are increasingly willing to share information on social media and to allow their data to be collected by mobile apps, they’re presumably less concerned about how their data is being collected and processed. It won’t surprise you to learn that we don’t buy it.

Continue reading

Posted in Jo Pedder | Tagged , | Leave a comment

International Right to Know Day 2016 – Four ways the ICO is helping promote openness by public bodies

By Steve Wood, Interim Deputy Commissioner.

rtkd2016-blogInternational Right to Know Day is an annual occasion designed to promote freedom of information worldwide.

In 2016, 250 years since the launch of the world’s first Freedom of Information law in Sweden, the right to request information from public bodies is as important as ever to democracy.

Continue reading

Posted in ICO, Steve Wood | Tagged , , , , | Leave a comment

Don’t get caught out by subject access requests

By Sally-Anne Poole, Enforcement Group Manager.

sar-blogThe ICO’s recent fine for a data breach at a GP surgery in Hertfordshire was the direct result of a subject access request gone wrong.

The practice revealed confidential details about a patient to an estranged ex-partner because there were insufficient systems in place for staff to deal with subject access requests (SAR).

The fallout in this case was huge distress to the family, damage to the organisation’s reputation and a £40,000 fine. It’s easy to imagine how bad the person responsible for dealing with subject access requests at the practice must feel. And yet such a devastating data breach could so easily have been avoided.

Continue reading

Posted in ICO, Sally-Anne Poole | Tagged , | Leave a comment

The what, why and how of transferring data to the USA

By Steve Wood, Interim Deputy Commissioner.

horizonIt’s more than two years since a then little-known privacy campaigner decided to dispute Facebook’s compliance with EU data protection laws.

Max Schrems’ case would travel from Dublin to Luxembourg, and ultimately have ramifications from Stockholm to Silicon Valley.

Continue reading

Posted in ICO, Steve Wood | Tagged , , | Leave a comment

Public must act to protect themselves when using Internet of Things devices

By Simon Rice, Group Manager for Technology.


Is this creepy website live-streaming YOUR living room? That was the Daily Mail headline in 2014, highlighting a Russian website that was providing links to access internet-connected cameras around the world.

The story was prompted by an ICO blog that had warned that the website had been able to access webcams, CCTV and baby monitor cameras because they had not been made sufficiently secure.

Continue reading

Posted in Simon Rice | Tagged , , , | Leave a comment

GDPR still relevant for the UK

By Steve Wood, Interim Deputy Commissioner.

gdpr-still-relevant-finalIt’s just a few weeks since we set out what guidance organisations could expect and when around a General Data Protection Regulation (GDPR) that was on track to come into force in the UK on 25 May 2018.

The result of the 23 June 2016 referendum on membership of the EU now means that the Government needs to consider the impact on the GDPR.

Continue reading

Posted in ICO | Tagged , , , , , | 2 Comments

Insolvency law – why rogue directors trying to avoid fines face a rocky ride

By Andy Curry, Enforcement Group Manager.


In my blog of April 25, I explained that of the 19 fines we’ve issued since April 2015, we’re still actively pursuing nine that have gone into liquidation or have not paid.

One of the nine being actively pursued is Reactiv Media Limited and I can today confirm that, along with other creditors, we voted to appoint insolvency practitioner Griffins to manage Reactiv Media Limited’s liquidation proceedings.

Continue reading

Posted in Andy Curry | Tagged , , , | 1 Comment

Nuisance calls – the facts behind the headlines

By Andy Curry, Enforcement Group Manager.

newspaper-headlines-blogNuisance calls – and our action to stop them – are again in the headlines today. The government has moved to stop marketing companies from hiding behind ‘caller withheld’ numbers, while we’ve announced that we’ve issued more than £2million in fines over the past year.

But what are the facts behind those headlines? Continue reading

Posted in Andy Curry | Tagged , , , , , | 1 Comment

Private investigator crackdown by ICO

By Damian Moran, Criminal Investigation Team manager.

private-investigator-300-220Private investigators suspected of unlawful practices will be surprised by doorstep visits by officers from the ICO this week.

The action by the ICO’s Criminal Investigation’s team follows intelligence we’ve gathered about the way private investigators (PIs) handle personal data.

The work of PIs involves obtaining, handling and reporting personal information. As such they must comply with the Data Protection Act and be registered as data controllers with the ICO.

Continue reading

Posted in Damian Moran | Tagged , , , , , , , , , | Leave a comment