Information Commissioner Office

On 21 October 2020, almost a year after the UK’s Information Commissioner Office (ICO) provided draft guidance on the right of access, the ICO published its updated guidance on data subject access requests (DSARs), available here (Guidance).

In a previous post available here, we covered what DSARs are and the principles areas of focus of the draft guidance.

So, what has changed? Overall, the Guidance provides more in-depth advice and further examples to help organisations understand how they can meet Article 15 of the General Data Protection Regulation (GDPR) requirements in handling DSARs.

There are, however, three particular areas of note, where the ICO provided further explanation.
Continue Reading ICO releases updated guidance on data subjects’ right of access

Last month, the Information Commissioner’s Office (ICO) published a response to the government’s call for views and evidence on the draft EU Directive on Network and Information Security (NIS Directive). The ICO’s criticism stemmed from its experience with mandatory data breach notifications from the telecoms sector and included suggestions for modifying the proposed NIS Directive.

This post was written by Cynthia O’Donoghue.

The UK’s First-tier Tribunal (Information Rights) has overturned a monetary penalty issued by the Information Commissioner’s Office (ICO) against the Scottish Borders Council. The £250,000 penalty related to the unsecure disposal of hard copies of council records containing personal data and had been issued by the ICO

The UK’s data protection watchdog, Information Commissioner’s Office (ICO), joins the global initiative for improving website privacy policies organised by the Global Privacy Enforcement Network (GPEN). Nineteen data protection authorities from around the globe will assess and report on the standards of privacy policies used by websites based in their jurisdictions.

In the related Blog