The UK’s third generation of data protection law has entered Parliament.
The Data Protection Bill was published on 14 September 2017 and aims to modernise data protection laws to ensure they are effective in the years to come.
The Information Commissioner’s (ICO) website has been updated to include a new section about the Data Protection Bill.
This explains the relationship between the Bill and the GDPR, detailing the additional areas the proposed new legislation covers. It also includes links to the ICO’s GDPR and Law Enforcement pages and to a Data Protection Bill fact sheet.
When the General Data Protection Regulations (GDPR) come into effect next year there will no longer be a requirement to notify the Information Commissioner’s Office (ICO) as there is now.
There is a provision in the Digital Economy Act which means it will remain a legal requirement for data controllers to pay the ICO a data protection fee. These fees will be used to fund the ICO’s data protection work. As now, any money the ICO receives in fines will be passed directly back to the Government.
The new system will aim to make sure the fees are fair and reflect the relative risk of the organisation’s processing of personal data. The size of the data protection fee will still be based on the organisation’s size and turnover and will also take into account the amount of personal data it is processing. The final fees will be approved by Parliament before being put into place.
The European Commission has proposed new regulations that would limit the way companies track users on the internet.
Part of that plan would see the removal of website banners that provide disclaimers on cookie policies and instead have the user’s browser preferences automatically apply to each site they visit. In addition companies will need to get explicit consent from a user before being allowed to track their online activities.
If passed, the new rules will come into effect by May 2018.
Read more… (opens in a new tab)
The ICO has issued a £60,000 fine to Boomerang Video Ltd after it suffered a cyber attack. An investigation by the ICO found the Berkshire-based company failed to take basic steps to stop its website being attacked.
Pub chain JD Wetherspoons has quite a fanbase in the UK, but the company has decided it’s safer to delete all its customer data than risk it being hacked.
Source: Wetherspoons decided it’s safer to delete customer data – Developer Tech
Melanie Dawes the Permanent Secretary of the Department for Communities and Local Government (DCLG) has sent a letter to owners, landlords and managers of private residential blocks in England.
DCLG are offering, private owners of residential buildings an opportunity to test cladding on blocks over 18 metres high through arrangements put in place with the Building Research Establishment (BRE).
These checks will be paid for by DCLG, and the information will be available to DCLG from BRE.
Where owners consider that they may have concerns about cladding on buildings over 18 metres high, there is a process to follow described in the letter.
DCLG have provided an email for enquiries: PRShousingchecks@communities.gsi.gov.uk
The letter and downloadable data return form are available here.