The Age Appropriate Design Code (“AADC”) - more commonly known as the Children’s Code - has been heralded as the world’s first code to protect children online. Compliance with the AADC became mandatory for in-scope businesses...more
When the regulator has decided to investigate your organisation following a data breach, the remit for the investigation will be wide-ranging and go beyond the narrow circumstances of the breach. Recent decisions shed useful...more
Key to recent ICO decisions has been the ICO’s assessment of the extent and quality of communications with affected individuals and the regulator itself. It is clear the ICO sees certain behaviours (such as the setting up of...more
In this part of our briefing series, we cover how prior regulatory enforcement action affects the assessment of sanctions and some pitfalls associated with undertaking internal security audits.
Who is this relevant for?...more
3/20/2020
/ Corporate Fines ,
Corporate Liability ,
Cybersecurity ,
Data Protection Authority ,
Enforcement Actions ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Internal Audit Functions ,
PCI-DSS Standard ,
Security and Privacy Controls ,
Security Audits ,
UK ,
UK Brexit
What insights into cyber security norms can organisations glean from the UK ICO’s recent enforcement decisions, most of which have been released since the GDPR came into force?
Final fines are still awaited on the UK’s...more