The UK’s Information Commissioner’s Office (ICO) has announced a completion deadline for their code that will translate General Data Protection Regulation (GDPR) requirements into design standards that protect children who access online services.

The code is being refined following a consultation period and will be made final on November 23, 2019.

The ICO stated that

Checklist for drafting your controller-controller data sharing agreement (from the ICO Data Sharing Code of Conduct now out for public consultation):

  • What is the purpose of the data sharing initiative?
  • Which other organizations will be involved in the data sharing?
  • Are we sharing data along with another controller?
  • What data items are we going to

Questions to ask when sharing data between two data controllers (from the ICO Data Sharing Code of Conduct):

  • What is the sharing meant to achieve?
  • What information do we need to share?
  • Could we achieve the objective without sharing the data or by anonymizing it?
  • What risks does the data sharing pose to individuals?
  • Is

The UK Information Commissioner’s Office has issued a data sharing code of conduct for public consultation.

Key takeaways:
  • When considering sharing data, assess your overall compliance with the data protection legislation. Consider conducting a Data Protection Impact Assessment (DPIA) even if not required.
  • It is good practice to have a data sharing agreement. It sets

Beware the unsolicited email.

UK ICO fines a pensions company £40,000 for sending nearly two million direct marketing emails without consent.

Points to note:

  • You can’t generally send marketing emails without receiving the consent of the recipient.
  • Even if you use a third party mailer, it is your responsibility to ensure consent has been duly