Tag Archives: Information Commissioners Office

Lush Avoids ICO Fine After Website Data Breach

Posted on August 18, 2011 by Hunton & Williams LLP

Lush Cosmetics Ltd. (“Lush”) has avoided a monetary penalty for its breach of the UK Data Protection Act 1998.  Instead, the UK Information Commissioner’s Office (the “ICO”) has required Lush to sign an undertaking that obliges the company to “ensure that future customer credit card data will be processed in accordance with the Payment Card Industry Data Security Standard.”

Continue reading…

Tags: , , , , ,

UK ICO’s Annual Report Shows Private Sector Companies Reported Most Security Breaches in 2010/11

Posted on July 7, 2011 by Hunton & Williams LLP

On July 6, 2011, the UK Information Commissioner’s Office (the “ICO”) released its Annual Report and Financial Statements for 2010/11.  Characterizing information as “the currency of democracy,” the report highlights the wide range of the ICO’s activities during the last twelve months, which focused on education and the provision of good practice guidance in addition to enforcement activities.

Continue reading…

Tags: , , ,

Use of Facial Recognition Technology Raises Privacy Concerns

Posted on June 24, 2011 by Hunton & Williams LLP

Recent developments involving the use of facial recognition technology have raised privacy concerns in the United States, Europe and Canada.  As we reported earlier this month, the Electronic Privacy Information Center (“EPIC”) and several other consumer privacy advocacy groups filed a complaint with the Federal Trade Commission against Facebook for its use of facial recognition technology.  According to EPIC’s complaint, Facebook’s Tag Suggestions feature recognizes individuals’ faces based on photographs already on Facebook, then suggests that users “confirm Facebook’s identification of facial images in user photos” when they upload new photos to their Facebook profiles. Continue reading…

Tags: , , , , , , , ,

Over 73,000 GBP Recouped from Former T-Mobile Employees Following Data Theft

Posted on June 17, 2011 by Hunton & Williams LLP

Two former employees of mobile phone provider T-Mobile have been ordered by a court in the United Kingdom to pay £73,700 (approximately $120,000) for the theft of T-Mobile customers’ personal data.  The Chester Crown Court ordered David Turley and Darren Hames to pay £45,000 and £28,700 respectively, under confiscation orders, along with prosecution costs.

Continue reading…

Tags: , , , ,

Hunton Hosts Webinar on Preparing for the EU Cookie Law

Posted on June 13, 2011 by Hunton & Williams LLP

On June 6, 2011, Hunton & Williams hosted a panel discussion on what organizations in the UK, France, Germany and the Netherlands are doing to comply with the EU’s new cookie law.  The webinar, Consent for Cookies: Preparing for the EU Cookie Law, featured David Evans, Group Manager of Business and Industry of the UK Information Commissioner’s Office, and Hunton & Williams Brussels-based associates Olivier Proust, Dr. Jörg Hladjk and Martijn ten Bloemendal.  The panel was moderated by Bridget C. Treacy, partner in the London office of Hunton & Williams.  Listen to the webinar now.

Tags: , , , , , , , ,

UK Chancellor Kenneth Clarke Discusses Data Protection Issues

Posted on June 6, 2011 by Hunton & Williams LLP

On May 26, 2011, the United Kingdom’s Lord Chancellor and Secretary of State for Justice Kenneth Clarke spoke before the EU Committee of the British Chamber of Commerce in Belgium.  His remarks focused on data protection, a subject he characterized as one “heavily on the agenda” in Brussels and in many EU Member States.  Clarke emphasized his own role as a proponent of data protection and a defender of civil liberties and individual freedom, and discussed the introduction into Parliament of a major bill to enhance individual freedom in the UK.  Key measures in the bill, many of which respond to issues raised over the past few years by the UK Information Commissioner, include:

  • Greater independence for the Information Commissioner
  • Safeguards against misuse of counter-terrorism stop and search powers
  • Further regulation of the use of closed-circuit television monitoring
  • Reform of the regulations governing vetting and barring of ex-offenders and persons working with children and vulnerable adults

Continue reading…

Tags: , , , , , ,

Webinar on Consent for Cookies: Preparing for the EU Cookie Law

Posted on May 27, 2011 by Hunton & Williams LLP

On June 6, 2011, join Hunton & Williams for a panel discussion on the implementation of the new EU Cookie Law in the UK, France, Germany and the Netherlands.  EU law on the use of cookies is changing.  Opt-in consent will be required, but specific requirements may differ across the EU.  What are organizations doing to ensure compliance with the new cookie law?  Listen to David Evans, Group Manager of Business and Industry of the Information Commissioner’s Office, explain the steps that UK organizations are expected to take.  Learn about cookie compliance in France, Germany and the Netherlands.  Register now for this complimentary webinar.

Update: A recording of the webinar is now available online.

Tags: , , , , , , ,

UK ICO Gives Websites One Year to Comply with New Cookies Law

Posted on May 25, 2011 by Hunton & Williams LLP

On May 25, 2011, the UK Information Commissioner’s Office (the “ICO”) issued a news release stating that organizations and businesses that run websites aimed at UK consumers will be given up to 12 months to “get their house in order” before enforcement of the new cookie law begins.  Information Commissioner Christopher Graham made it clear, however, that “[t]his does not let everyone off the hook.  Those who choose to do nothing will have their lack of action taken into account when we begin formal enforcement of the rules.” Continue reading…

Tags: , , , ,

UK Cookie Law Requires Opt-in Consent

Posted on May 14, 2011 by Hunton & Williams LLP

From May 26, 2011, UK law regulating the use of cookies on websites will change from an opt-out regime, to one requiring prior opt-in consent.  This change poses significant practical challenges for website operators.  In guidance on the new regulations, the UK Information Commissioner has acknowledged the challenge but warned that website operators must take steps now to ensure that they are ready to comply. Continue reading…

Tags: , , , ,

UK ICO Releases Code on Data Sharing

Posted on May 12, 2011 by Hunton & Williams LLP

On May 11, 2011, the UK Information Commissioner’s Office (the “ICO”) published a new statutory code of practice on the sharing of personal data.  As stated in the ICO’s press release, the code of practice covers best practices for both routine and one-off data sharing activities, and offers organizations tips for reducing the risk of inappropriate or insecure data sharing.  By helping organizations understand how to share data appropriately, the code of practice should facilitate compliance with the Data Protection Act and minimize the risk of enforcement actions by the ICO or other regulators.

Continue reading…

Tags: , , ,