The Information Commissioner’s Office (ICO) has informed British Airways they are facing a record fine of £183.39 million, this is the biggest fine ever issued by the ICO.

Between June and September 2018, the airline suffered a massive cyber-attack leading to the personal and financial information of over 500,000 customers being stolen. The sensitive information, which included people’s passport numbers, names and addresses and credit card details, was stolen from the airline’s website and mobile app.

The ICO launched an extensive investigation and found that a variety of information was compromised, and the airline was to blame as they had … Read more

The Information Commissioners Office has fined EE £100,000 for sending millions of marketing texts without permission to do so.

Mobile giant EE has been fined £100,000 for sending millions of text messages to customers. The ICO said EE sent more than 2.5 million messages in 2018. The messages asked customers to download an app and upgrade their phones. EE also sent follow up texts to the customers who did not open the first message.

EE told the ICO that the texts were sent as service messages and because of this were no subject to the electronic marketing rules. However, the … Read more

The Information Commissioner’s Office say that the voice data collected unlawfully by HMRC should be deleted.

The information Commissioner’s Office started investigating HMRC back in June 2018, after learning the government body had been illegally storing the biometric voice ID’s of more than 5 million people.

Watchdog Group ‘Big Brother Watch’ (BBW) lodged an official complaint with the ICO. The advocacy organisation said that the collection of Voice ID’s was not being done with explicit consumer consent, and information on how individuals can easily and securely have their voiceprint deleted is not publicly accessible. BBW says this is a direct … Read more

The Information Commissioner’s Office has fined Bounty, a parenting and pregnancy club £400,000 for illegally sharing the personal information of 14 million members.

An investigation by the Information Commissioners Office found that Bounty had been collecting the personal information through its website and mobile app and from new mothers in hospital.

Bounty is a source of information for new and expectant mothers, they provide pregnancy and parenting tips along with freebies and special offers. They collect personal information for the purpose of signing new members to the information service. But the ICO found that the organisation wasn’t being 100% honest … Read more

Grove Pensions Solutions, based in Kent, hired a third party marketing firm to distribute over 2 million emails over a twelve month period, promoting its services. An investigation led by the Information Commissioners Office found that Grove Pension Solutions Ltd was responsible for the two million emails, which were sent between 31 October 2016 and 31 October 2017.

The ICO found that Grove Pensions Solutions had instructed a marketing company and used third party email providers to carry out hosted marketing campaigns, that advertised the company’s services. The company had sought specialist advice from a data protection consultancy as well … Read more

The Information Commissioner’s Office has fined Vote Leave Limited £40,000 for sending out thousands of unsolicited text messages during the 2016 EU referendum. Following an investigation by the ICO, discovered that the Vote Leave campaign sent 196,154 text messages promoting the Leave Campaign. The text messages contained a link to its website.

The ICO found that the Leave campaign claimed they had received people’s details legitimately, but had actually deleted the evidence of consent after the referendum. They also deleted details of the phone numbers the messages were sent from, the number of messages sent, and the number of messages … Read more

A London based tax returns company has been fined £200,000 by the Information Commissioner’s Office for sending 14.8 million marketing text messages between July 2016 and October 2017. The ICO began an investigation after receiving over 2,100 complaints from members of the public.

The company, named as Tax Returned Limited, did not follow the proper guidelines when contacting people. The ICO found that the company had not taken the reasonable steps to make sure the data complied with the Privacy and Electronic Communications Regulation, which requires a company or organisation obtains specific consent from people receiving the messages, prior … Read more

Italy’s consumer regulator is fining Facebook over £8 million, for concealing how they make money from their data. The fine comes after an investigation by the Italian Competition Authority (“ICA”) looked into alleged violations of the consumer code by Facebook.

According to the ICA, Facebook violated four of the consumer code regulations, they say: Facebook emphasises the free nature of the service, but not the commercial objectives that underlie the provision of the social network service, thus inducing users into making a transactional decision that they would not have taken otherwise (i.e., to register in the social network and to … Read more

HSBC customers looking to grab a bargain on Black Friday had a nasty shock when they learned that they were locked out of their bank accounts. The HSBC mobile banking system went down last Friday, at the height of the Black Friday sales. It was unfortunate timing for shoppers, who needed to use their online banking apps to take advantage of the Black Friday deals. It is also bad timing, as MP’s announce they are investigating banks and the numerous IT failures reported this year.

Last month, HSBC online banking went down, leaving customers locked out of their bank accounts. … Read more

The Information Commissioners Office (ICO) has upheld a symbolic £500,000 fine it handed to Facebook in July. The fine was issued to Facebook in response to the Cambridge Analytica scandal, concerning harvesting users’ data.

The ICO stated in its notice of penalty that data from at least one million British users was unfairly processed and Facebook had failed to take appropriate technical and organisational measures against it. The fine is the maximum amount allowed under the Data Protection Act 1998.

In a statement a Facebook spokesperson said: “We are grateful that the ICO has acknowledged our full cooperation throughout … Read more