Posts

The Information Commissioner’s Office says it is issuing Marriott International a £99 million fine, for a huge date breach in 2014.

The data breach led the personal and financial details of some 339 million guests being stolen by cyber-criminals. The breach happened in 2014, but Marriott only discovered it in 2018. Marriott said 339 million guests had their information uncovered, this included their names, phone numbers, dates of birth, phone numbers, passport numbers and arrival and departure information. Some guests had their credit card numbers and card expiration dates exposed. CEO Arne Sorenson said in a statement: “We fell short … Read more

The Information Commissioner’s Office has fined Reward, a parenting and pregnancy club £400,000 for illegally sharing the personal information of 14 million members.

An investigation by the Information Commissioners Office found that Bounty had been collecting the personal information through its website and mobile app and from new mothers in hospital.

Bounty is a source of information for new and expectant mothers, they provide pregnancy and parenting tips along with freebies and special offers. They collect personal information for the purpose of signing new members to the information service. But the ICO found that the organisation wasn’t being 100% honest … Read more

The Information Commissioners Office (ICO) has upheld a symbolic £500,000 fine it handed to Facebook in July. The fine was issued to Facebook in response to the Cambridge Analytica scandal, concerning harvesting users’ data.

The ICO stated in its notice of penalty that data from at least one million British users was Unjustly processed and Facebook had failed to take appropriate technical and organisational measures against it. The fine is the maximum amount allowed under the Data Protection Act 1998.

In a statement a Facebook spokesperson said: “We are grateful that the ICO has acknowledged our full cooperation throughout … Read more

Praetorian Legal are now Data Protection Regulated.

The Data Protection Act 1998 (the “Act”) requires every organisation that processes personal information to register with the Information Commissioner’s Office (ICO), unless they are exempt. Failure to do so is a criminal offence.

Our duties under the Act apply when we are processing personal data, as do the rights of individuals in respect of that personal data. We must Adhere to the Act from the moment we obtain the data until the time when the data has been returned, deleted or destroyed.

Our duties extend to the way we dispose of personal … Read more