News

Another week, another Facebook story. Don’t worry, we're not slowly becoming a Facebook news outlet, they just keep making headlines in the world of data protection, and this time seemingly for a positive reason.

On September 9th, the UK Government published their Consultation Paper on Reforms to the UK Data Protection Regime-'Data: A New Direction', where they outlined proposed changes to GDPR since leaving the EU.

How to share this year’s Nativity play online safety

Schools will have good intentions in wanting to share this year’s Nativity play online. But how do you ensure you do this safely and adhere to the latest data protection regulations? Below is some guidance which will support you in this task.

Over the past few years, there has been a positive drive towards imposing greater regulations on organisations and how and when they collect user data. Users now have more control than ever on being able to consent to the collection of different types of data by apps.

As we’ve spoken about before in past articles, since the pandemic there has been a worrying increase in cyber attacks, with the education sector seeing the highest increase and total number of attacks. Our article on this can be read on our news page.

Judge rules that Amazon Ring doorbells breach GDPR:

A judge in Oxford County Court has ruled that audio recordings from an Amazon Ring doorbell have breached data protection laws. The case involved an individual taking their neighbour to court, stating that the numerous recordings they had from their various cameras they had set up outside their house amounted to harassment and a breach of the Data Protection Act 2018.

With cyberthreats becoming an increasingly worrying issue for organisations and the security of the data they hold, we thought it would be beneficial to write a weekly cyber security threat report

The ICO has published a new code of practice entitled the ‘Data Sharing Code’. The code came into force on October 5th 2021, after being published on September 14th 2021. DLA Piper provides a good overview of the new code of practice, a summary of which can be found below, however if you wish to read their article on the code, you can find it here.

Under UK GDPR, organisations that hold personal information/data about people have a responsibility to ensure that that data is being dealt with in line with the relevant legislation.

Apps targeted at Children removed from the App Store for failing to have a privacy policy

We will be releasing the Phishing Simulation to all schools over the next three weeks. We are currently finalising scenarios and implementation materials prior to final user testing and release.

At Data Protection Education, we are currently working on contacting all school suppliers with the aim of receiving all of their privacy policies and data agreements to ensure they are being GDPR compliant.

The Children’s Code

The first update from the ICO is that the transition year for the introduction of The Children’s Code (also known as The Age Appropriate Design Code) has passed, with the code having come into effect on September 2nd.

Recording staff vaccination data

Firstly, a couple of links as reference...though they don't really tell you the answer - especially the second one which doesn't seem to have been updated post-August 16th:

Schools in Brighton and Hove have received the following Freedom of Information request:

1. Please send me copies/scans/digital files that record individual racist/religious incidents/bullying incidents in terms of numbers of incidents and their

Many schools in Brighton may have received a Freedom of Information Request relating to the ‘Racial Literacy training 101’ as part of the Brighton & Hove Educators of Colour Collective (BHECC) and the councils Community Advisory Group (CAG).

The National Cyber Security Centre has today upgraded it's advice to schools relating to the prevalence of cybers attacks in the sector:

We've looked at the importance of an adequacy decision to allow the free-flow of data between the United Kingdom and Europe in our earlier articles on Brexit. Finally, although in reality quite quickly, we have a decision - with draft adequacy decisions from the European Commission.

These protocols aim to ensure that online lessons with pupils when working from home, are safe, secure and continue to provide high-quality education using a virtual platform. 

This is guidance for setting up and managing online lessons using the school’s chosen platform ie  Zoom; Google or Microsoft teams.

We've had some questions now that the privacy notice in the COVID-19 National Testing Programme: Schools & Colleges handbook has been published.

The link to the Handbook seems to be broken, but we have a copy here:

Purely from a data protection perspective!

There are various provisions around data in the UK-EU Trade and Cooperation Agreement.