Data Notes

Marriott/Starwood Data Breach: ICO intention to issue another big £99 million 'mega fine'

ICO framework for AI proposed to help support innovative use of this emerging technology

March deadline approaches in call for views on government cyber security skills stategy

The UK Government recently launched a Call for Views on its Initial National Cyber Security Skills Strategy. The closing date for stakeholder responses …

New Mirai based malware variants – BrickerBot and a Bitcoin miner

The Mirai malware gained its infamy in October 2016 following its record breaking attack on systems operated by domain name system provider Dyn, using …

Court of Appeal confirms Morrisons vicariously liable for employee's deliberate actions in first successful UK class action for data breach

The Court of Appeal has today dismissed an appeal against the High Court's decision that Morrisons was vicariously liable for its employee’s …

Court makes permanent injunction against unknown parties preventing disclosure of confidential information unlawfully removed from computer

In the cases of Clarkson Plc v Person(s) Unknown (“Clarkson”) and PML v Person(s) unknown (“PML”), the court has created a new tool in the fight against …

NIS Directive and Regulations now in force

The EU Network and Information Systems Directive (“NISD”) was required to be implemented into national law by 9 May 2018. The UK implementing regulations …

Compliant or not: the GDPR is here

The GDPR came into force on 25 May 2018 and brought with it additional rights for individuals and additional obligations for organisations. It also …

Managing cyber security risks in the telecommunications sector

Cyber security remains in the public eye with multiple incidents and vulnerabilities reported affecting telecoms companies. Telecoms companies need to …

UK Government endorses new data security standards and greater patient control over use of health data

The Department of Health published its Review of Data Security, Consent and Opt-Outs (the “Review”) earlier this year. Incidents such as WannaCry (refer …

UK Government Position Paper on International Transfers of Data - Key Points

The post below was first published on our Employment blog Last week the UK Government released its negotiating position paper on international …

ENISA Guidance: Incident Reporting for Digital Service Providers under Cyber Security Directive and the interplay with GDPR

The new report referenced in the article above, follows comprehensive guidelines (the "Guidelines") published by ENISA in February 2017 for Member States …