Personal Data Protection

Facial Recognition Technology (FRT) has been gaining increasing attention in the UK education sector in recent years. It is being used to monitor attendance, detect security threats, and to improve the safety of students and staff. The most widely used type of facial recognition technology is biometric authentication, which uses a person’s unique physical characteristics […]

The ICO Children’s Code, also formally known as the Age Appropriate Design Code, supports organisations to design digital services that meet children’s needs, respect their rights, and help them to explore, play, and grow online. The code is grounded in the UN Convention on the Rights of the Child (UNCRC) which states in Article 3:

The Information Commissioners Office (ICO) published a post on LinkedIn recently which reminded businesses about the importance of respecting individual’s preferences about direct marketing. With the potential for challenging times for business in 2023 the temptation to bombard people with emails and texts in the hope of attracting extra business is huge. The potential for

Nearly all companies use some form of direct marketing to generate leads and grow their business. Profiling prospects can make targeting those who are most likely to buy your products or services easier and your direct marketing effort more effective. The Information Commissioners Office (ICO) does not want privacy legislation becoming a barrier to effective

At the end of November 2022, the Information Commissioners Office (ICO) and The Office of Communications (Ofcom) issued a statement setting out their plans to work together ‘to ensure coherence between the data protection and the new online safety regimes’. Ofcom’s role in online safety and personal data protection will increase with the new Online

The National Association of Data Protection Officers (NADPO) held their annual conference, in November 2022. Information Commissioner John Edwards keynote speech was insightful and challenged some of the myths that have grown up around regulator enforcement. Whilst his speech was concerned principally with the public sector there are lessons to be drawn for the private

Age assurance refers to a range of measures which allow organisations to prevent children from accessing services which are inappropriate for their age. It is also used to tailor services to suit children’s developmental needs. The Office of Communications (Ofcom), which regulates broadcasting and telecommunication activities, and the ICO have a mutual interest in ensuring

Over the last two blogs we have been examining the 12 steps which organisations were advised to take to prepare for the introduction of GDPR. This time we will look at the final four steps in the process: 9. Personal Data breaches – Organisations need to have the right procedures in place to detect, report

Last month we started looking at the 12 steps which organisations should have taken to prepare for the introduction of GDPR. This is still a very useful approach for determining your compliance status. In the previous blog we looked at the first four steps. Here we will look at steps 5-8: 5. Data subject access

The ICO says: “Accountability is one of the key principles in data protection law – it makes you responsible for complying with the legislation and says that you must be able to demonstrate your compliance.”