A group of UK MPs wrote a letter to the UK Information Commissioner’s Office demanding stronger data protection enforcement.

“It is imperative that you take action to establish public confidence – a trusted system is critical to protecting public health. The ICO has powers to compel documents to understand data processing, contractual relations and the

Following a decision from the Court of Justice of the EU, the UK Information Commissioner’s Office changed its guidance on how to calculate the GDPR 30-day time limit for data subject requests.

Per the ICO: “You should calculate the time limit from the day you receive the request (whether it is a working day or

Beware the unsolicited email.

UK ICO fines a pensions company £40,000 for sending nearly two million direct marketing emails without consent.

Points to note:

  • You can’t generally send marketing emails without receiving the consent of the recipient.
  • Even if you use a third party mailer, it is your responsibility to ensure consent has been duly

The UK Information Commissioner’s Office (ICO) has issued expanded guidance on “Personal Data” under the EU General Data Protection Regulation (GDPR).

Here are the highlights:

Pseudonymization does not change the status of the data as personal data. To truly anonymize under the GDPR, you must strip personal data such that the individual can no longer