REPRIMAND

To: Mr. S. Claus, Chief Executive Officer, North Pole Enterprises

Of: North Pole The Information Commissioner (the Commissioner) issues a reprimand to North Pole Enterprises (‘Santa Claus’) in accordance with Article 58(2)(b) of the UK General Data Protection Regulation in respect of certain alleged infringements of the UK GDPR. 
The reprimand
The Commissioner has decided to issue a reprimand to North Pole Enterprises i

The US Cybersecurity and Infrastructure Security Agency (CISA) and the UK National Cyber Security Centre (NCSC) have announced the release of the Guidelines for Secure AI System Development.

Microsoft has recently announced the planned retirement of the Microsoft A1 Licenses for Education.  According to Program Updates in Microsoft 365 for Education page the main reason is to limit storage.  Free, unlimited storage plans have become prohibitive and have become a large vector for security risks and fraud. 

On July 18, 2022, the U.K. government introduced the Data Protection and Digital Information Bill to Parliament. Previously known as the Data Reform Bill, it is the result of a consultation from 2021 and its aim is to update and simplify the U.K.’s data protection framework. According to the U.K. government, the new legal framework created by the DPDI Bill will reduce burdens on organizations while maintaining high data protection standards.

The headteacher of a grammar school has left her role after sending parents a list of the teachers going on strike.

The Headteacher at King Edward VI Five Ways Grammar school in Birmingham  had been headmistress for just 18 months when an email she sent to parents is alleged to have named some teachers who would be striking during the planned walkouts last month.

A number of schools have received the below email from a company called IPR Protection.  It is a scam and should be ignored.  

Further information can be found here: https://www.aptma.ie/news-and-events/beware-of-scam-emails

It may be advisable to ask your IT department to block any emails from info@ ipr-protection.com

Recent reports indicate that threat actors/hackers are using Microsoft OneNote to attack organisations when the file is sent as an attachment. Microsoft OneNote attachments use the '.one' file extension - threat actors create templates that appear to be a protected document with a message to 'double-click' a design element to view the file. 

This article is a reminder that Microsoft will stop support for both Windows Server 2012 and Windows Server 2012 R2 after October 10th 2023.  Keeping software up to date on devices is best practice to help prevent cyber attacks and data breaches.

The first child protection complain ever made against Big Tech under UK Law.

Recently there has been an annual study published by Ponemon Institute (sponsored by Experian) entitled “Is Your Company Ready for a Big Data Breach?”. The study looks at the state of breach preparedness across organisations over a period of a year,

With biometric technology becoming more and more prevalent in society, the governance of the personal data that organisations collect from using this technology has recently been a topic of discussion.

The Children’s Code

The first update from the ICO is that the transition year for the introduction of The Children’s Code (also known as The Age Appropriate Design Code) has passed, with the code having come into effect on September 2nd.