For most organisations, a lot of thought and care goes into ensuring that when you’re collecting data, you are complying with the relevant data protection legislation- that it’s being collected with consent where required, that you have a lawful basis etc. However,
How to share this year’s Nativity play online safety
Schools will have good intentions in wanting to share this year’s Nativity play online. But how do you ensure you do this safely and adhere to the latest data protection regulations? Below is some guidance which will support you in this task.
The Children’s Code
The first update from the ICO is that the transition year for the introduction of The Children’s Code (also known as The Age Appropriate Design Code) has passed, with the code having come into effect on September 2nd.
A recent study conducted by Check Point Research which can be found at the bottom of this article has found that there has been a 29% increase in cyberattacks on organisations in the education sector since 2020, the highest increase of any sector.
Over the past few years, there has been a positive drive towards imposing greater regulations on organisations and how and when they collect user data. Users now have more control than ever on being able to consent to the collection of different types of data by apps.
The National Cyber Security Centre has today upgraded it's advice to schools relating to the prevalence of cybers attacks in the sector:
Cyber attacks are on the up, and with the education sector seeing the highest number of cyber attacks of any sector since the start of the pandemic, as well as the highest increase in attacks in that same period
As we’ve spoken about before in past articles, since the pandemic there has been a worrying increase in cyber attacks, with the education sector seeing the highest increase and total number of attacks. Our article on this can be read on our news page.
We've looked at the importance of an adequacy decision to allow the free-flow of data between the United Kingdom and Europe in our earlier articles on Brexit. Finally, although in reality quite quickly, we have a decision - with draft adequacy decisions from the European Commission.
Our news story this week is from TechCrunch, who have an article regarding The European Data Protection Board (EDPB), who have called for the EU to phase out, and eventually prohibit the use of targeted advertising
Under UK GDPR, Public Authorities or Bodies, as well as businesses carrying out certain processes are required to appoint a Data Protection Officer (DPO). This article will explain why you need a DPO and what a DPO does for your organisation.
Purely from a data protection perspective!
There are various provisions around data in the UK-EU Trade and Cooperation Agreement.
This year, and in particular since the start of this academic year, we’ve been adding new areas to the already extensive functionalities that the Knowledge Bank offers your organisation.
Judge rules that Amazon Ring doorbells breach GDPR:
A judge in Oxford County Court has ruled that audio recordings from an Amazon Ring doorbell have breached data protection laws. The case involved an individual taking their neighbour to court, stating that the numerous recordings they had from their various cameras they had set up outside their house amounted to harassment and a breach of the Data Protection Act 2018.
As we all know, on 31 December 2020, the Transition Period (sometimes also referred to as the “Implementation Period”) under the EU-UK Withdrawal Agreement will come to an end. And one of the areas still in the mix is data protection, so what is the status now and what changes?
On the 10th of November 2021, The Supreme Court announced their long awaited decision regarding a lawsuit between Mr Lloyd and Google. The court found unanimously in favour of Google, and dismissed the Court of Appeal’s previous decision.
The ICO has published a new code of practice entitled the ‘Data Sharing Code’. The code came into force on October 5th 2021, after being published on September 14th 2021. DLA Piper provides a good overview of the new code of practice, a summary of which can be found below, however if you wish to read their article on the code, you can find it here.
Download our latest flyer:
With biometric technology becoming more and more prevalent in society, the governance of the personal data that organisations collect from using this technology has recently been a topic of discussion.
Under UK GDPR, organisations that hold personal information/data about people have a responsibility to ensure that that data is being dealt with in line with the relevant legislation.
We know the jargon can be confusing. As can the timelines for responding to the various requests that you receive.
Is it a month? Or 30 days? Are those working days?
So here's a little chart to simplify everything:
You may be aware that the UK government is currently holding a consultation "Data: A new direction" on the future of data protection law and regulation in the UK.
Here are some thoughts on our opinion.
Apps targeted at Children removed from the App Store for failing to have a privacy policy
The National Cyber Security Centre, a part of GCHQ, is supporting educational establishments to keep criminals out of their networks after a spike in ransomware attacks. The rise in attacks was recorded in August as cybercriminals turn their attention to a sector focused on the return of students.
Another week, another Facebook story. Don’t worry, we're not slowly becoming a Facebook news outlet, they just keep making headlines in the world of data protection, and this time seemingly for a positive reason.
At Data Protection Education, we are currently working on contacting all school suppliers with the aim of receiving all of their privacy policies and data agreements to ensure they are being GDPR compliant.
Some of you may have seen in the press the long-running legal dispute of Various Claimants vs Morrisons, which after starting in the High Court in 2017 has finally seen a ruling issued by the Supreme Court.
On September 9th, the UK Government published their Consultation Paper on Reforms to the UK Data Protection Regime-'Data: A New Direction', where they outlined proposed changes to GDPR since leaving the EU.