GDPR

Cookie consent tools are undermining GDPR

A new study by researchers at MIT, UCL and Aarhus University suggests that most cookie consent pop-ups served to European internet users are likely defying regional privacy laws such as GDPR.The researchers published their findings in a paper titled “Dark Patterns after the GDPR: Scraping Consent Pop-ups and Demonstrating their Influence” which argues that vendors…

A new study by researchers at MIT, UCL and Aarhus University suggests that most cookie consent pop-ups served to European internet users are likely defying regional privacy laws such as GDPR.

The researchers published their findings in a paper titled “Dark Patterns after the GDPR: Scraping Consent Pop-ups and Demonstrating their Influence” which argues that vendors of consent management platforms (CMPs) are engaging in illegal practices, saying:

active consent is required for tracking

Read More

Be the first to write a comment.

Leave a Reply

GDPR

Box boosts cloud security with automated classification

Box has announced that intelligent, automated classification will soon be coming to Box Shield, its advanced security solution for protecting content in the cloud.It will now automatically scan files and classify them based on their content to help businesses detect and secure sensitive data. Box Shield is the fastest growing new product in the company’s…

Box has announced that intelligent, automated classification will soon be coming to Box Shield, its advanced security solution for protecting content in the cloud.

It will now automatically scan files and classify them based on their content to help businesses detect and secure sensitive data. Box Shield is the fastest growing new product in the company’s history and security-conscious and highly regulated organizations including NASA use it to to secure data in the cloud.

  • Secure your data on the go with one of the best secure drives
  • Keep your devices protected online with the best antivirus software
  • Also check out our roundup of the best business VPN solutions

workin

Read More

Continue Reading
GDPR

10 things to consider to ensure GDPR compliance

GDPR (General Data Protection Regulation) was mandated by the European Union and was enshrined in UK Law on 25th May 2018. It goes much further than the original UK Data Protection (of individuals) provisions applying before that date and lays down severe penalties for the officers (Directors, Owners and sometimes Managers) of businesses that do…

GDPR (General Data Protection Regulation) was mandated by the European Union and was enshrined in UK Law on 25th May 2018. It goes much further than the original UK Data Protection (of individuals) provisions applying before that date and lays down severe penalties for the officers (Directors, Owners and sometimes Managers) of businesses that do not comply. 

Fines can be as high as 4% of turnover. Widely reported data breaches have seen British Airways and Marriott Hotels handed fines totalling £300m. 

website of the Information Commissioner’s Office. 

GDPR affects BASDA (The Business Applications Software Developers Association) members both as companies which hold data, for example on their employees and customers, and as providers of business software which enables organisations to hold and process data on individuals. 

Historically almost any information could be held and maintained so long as it was not published. Now any information held about an individual must be fit for purpose (for example, to fulfill any obligations associated with providing a service) and as importantly, must be provided, if requested, to an individual. 

Below are 10 things from BASDA for a business to consider relating to GDPR.

  • Get your taxes in order with the best UK tax software

1. I am a Data Controller. Do I have to register my activities with the GDPR Registrar?

Yes. Data Controllers that hold, maintain and process personal data need to pay a data protection fee to the Information Commissioner’s Office (ICO), unless they are exempt. Currently the fee ranges between £40.00 and £2,500.

(Image credit: Wright Studio / Shutterstock)

2. Who exactly is covered by the provisions of GDPR?

Any individual that believes a Data Controller holds personal data about themselves. This includes employees; client staff; supplier staff; prospective client and supplier staff; people who are sent marketing information about own and third-party products and services etc.

  • Keep your business data secure with the best secure drives available

3. What are my obligations in respect of accessing data I hold?

Individuals have the statutory right to access any personal data a Data Controller may hold about them. This is commonly referred to as ‘subject access’. A request can be made for subject access for full disclosure of all information held by a Data Controller about themselves verbally or in writing and the business has one month to respond. Not responding with full disclosure carries severe penalties for the officers of the business. A fee is not normally chargeable to an individual who makes a request under the provisions of GDPR.

(Image credit: Alexskopje / Shutterstock)

4. What is the information that I may be required to deliver if I receive a request for subject access?

Any information that relates to the subject access, whether held in ‘electronic form’ (to be delivered in paper form), audio recordings, video recordings (then direct copies of these last two) or paper. ‘Electronic form’ includes data held in databases, files (word proccessed, spread sheets etc.) and emails (both business and private).

  • Also check out the best email service

5. How do I ensure internal compliance?

The first step is to

Read More

Continue Reading
GDPR

10 ways businesses can minimize the risk of identity theft

Identity theft has been a huge problem for a long time now, however fraudsters are now getting more sophisticated and trying to stay one step ahead.In the unprecedented midst of a pandemic, we are seeing a sharp increase in all types of fraud.  Experienced fraudsters are exploiting the current chaos and sadly we are seeing…

Identity theft has been a huge problem for a long time now, however fraudsters are now getting more sophisticated and trying to stay one step ahead.

In the unprecedented midst of a pandemic, we are seeing a sharp increase in all types of fraud.  Experienced fraudsters are exploiting the current chaos and sadly we are seeing more people turn to fraud in an attempt to boost their income.

best secure router on the market

  • We’ve built a list of the best ransomware protection around
  • Check out our list of the best malware removal services on the market
  • As an SME, it is important to discuss the risks with your customers and suppliers to increase awareness of suspicious emails and cold calls claiming to be from your business.

    All businesses are different and so your risks and exposure to identity theft will differ. Using some of the points below you should sit down and work out what risks you face, both as a business and on behalf of your customers. Where are the danger points and what can you do to stop them, or at least lessen the risk?

    Ensure you’re GDPR

    Read More

    Continue Reading
    GDPR

    DIFC brings its new data protection law in accordance with international best practice

    The DIFC Data Protection Law does not stipulate a maximum cap on fines, similar to GDPR, but gives the Commissioner discretion to impose a general fine on top of administrative fines, a leading lawyer said.Breaches of the GDPR can give rise to significant administrative fines of up to €10m or €20m or 2% or 4%…

    The DIFC Data Protection Law does not stipulate a maximum cap on fines, similar to GDPR, but gives the Commissioner discretion to impose a general fine on top of administrative fines, a leading lawyer said.

    Breaches of the GDPR can give rise to significant administrative fines of up to €10m or €20m or 2% or 4% of an organisations’ total annual worldwide turnover for the preceding financial year, depending on the provision of the law that has been breached.

    Article 62 of the law, she said grants the DIFC Authority Board of Directors the

    Read More

    Continue Reading