Data in the News – November 2020
The agreement is an “existential threat” to privacy, the Open Rights Group has claimed, allowing information to be transferred and kept secret, with no right of access or to delete it.
The small print of the deal – which, The Independent revealed, provides “zero” gain to exporters – also raises the risk of a no-deal Brexit if the EU rejects an agreement because of the data protection fears, it said.
The Information Commissioner is examining the incident after more than 6,000 benefit claimants' National Insurance numbers were left online for more than two years. Bungling officials published more than 6,000 people’s personal data on the internet in a what appears to be a "serious" breach.
The Department for the Work and Pensions (DWP) apologised tonight after leaving a mammoth list of National Insurance numbers online for more than two years. It’s thought the personal data belonged to welfare claimants who were applying for disability benefit PIP.
A watchdog was tonight examining the incident, which two lawyers said appeared to be a “serious” breach of data protection law.
As the UK enters its new relationship with the EU, is your business ready? If you receive personal data from the EU for business use, you need to act now to ensure you are prepared for data protection requirements that may come into force on January 1.
Whether you receive details for payroll admin, or customers’ email addresses, you’ll find a host of helpful tools and information on the ICO (Information Commissioner’s Office) website.
“We realise many companies won’t know data protection law in detail, and it might seem a bit daunting,” says the ICO’s Steve Wood. “This is why we’ve produced guidance aimed at SMEs.
“Businesses that receive personal data from the EU may need to make changes by the end of the year if they want to keep receiving that information lawfully. Therefore, it’s important to start preparing now.”
The three sides are in a stand-off over how people’s personal information should be protected. Digital trade is heading straight into a three-way pileup.
The European Union, the United States and the United Kingdom are facing off over how to handle data transfers that underpin billions of euros annually in trade. Officials are trying to hammer out separate agreements — between Brussels and Washington, Brussels and London, and London and Washington — by the end of the year or early 2021.
But negotiations are set to be difficult. Europe has been at odds with Washington for years over privacy protections, and London could also soon find itself at odds with Europe.
For the remainder of the Brexit transition period, taking us to 31 December 2020, UK organisations must continue to comply with the EU’s General Data Protection Regulation (GDPR), and should plan to do so indefinitely if they collect data on European contacts such as customers.
From 1 January 2021, however, the current GDPR will no longer be binding in the UK and new data protection legislation will be introduced. This transition can be done smoothly if the regulations are functionally similar. British lawmakers were, after all, involved in crafting the original GDPR, so any deviations should, ideally, be minor. And with organisations having enough on their plates nowadays, dealing with the challenges and uncertainty caused by Covid-19, lawmakers can help by limiting any changes to GDPR regulations in the UK to those that are strictly necessary.
And finally, …
2020 presented us with many surprises, but the world of data privacy somewhat bucked the trend. Many industry verticals suffered losses, uncertainty, and closures, but the protection of individuals and their information continued to truck on.
What can we expect in 2021? Undoubtedly, the number of data privacy cases brought before the courts will continue to rise. That’s not necessarily a bad thing: with each case comes additional clarity and precedent on many different areas of the regulation that, to date, is open to interpretation and conjecture.
One of the biggest events of 2021 will be the UK leaving the EU. The British implementation of the GDPR comes in the form of the UK Data Protection Bill 2018. Aside from a few deregulations, it’s the GDPR and that’s great… as far as it goes. Having strong local data privacy laws is good, but after enjoying 47 years (at the time of writing) of free movement within the Union, how will being outside of the EU impact British business?