Welcome To The Data Leak Lawyers Blog

“Former NHS employee breaches data protection” – The ICO has fined a former employee around £1,300

The Information Commissioner’s Office (ICO) prosecuted and fined a former NHS employee, Beverley Wooltorton, for the unlawful access of personal information.

The fine imposed amounted to around £1,300 under section 55 of the Data Protection Act (DPA), where it’s unlawful for individuals to obtain personal data ‘knowingly’ (in this case) or ‘recklessly’ without the consent of the data controller, as well as accessing the information for personal reasons.
read more

By Author

“Netflix’s precautionary measure” – Netflix urges users to change passwords to enhance data protection

Netflix users are being urged to change their passwords following a data hack from another company. This may be a precautionary measure though, and it started when Netflix found some users were using the same passwords across accounts.

This concern was further cemented with the confirmation of another company’s data being hacked and leaked. The leaked data flags up warning signs that Netflix users who are using the same passwords across accounts may have their data breached in a sort of domino effect.
read more

By Author

“Home Office request data of 2,500 children” – The Home Office’s request for schools consensus data may be a breach of data protection rights

The Home Office’s demands for schools’ census data may be a breach of human rights and data protection rights. They have requested information for some 2,500 children in relation to immigration enforcement over the past 15 months.

This in itself is a pretty sensitive subject off the back of the United Kingdom’s decision to leave the European Union. But equally as important is the fact that this request may actually be a breach of people’s rights.
read more

By Author

“Facebook and WhatsApp data sharing” – Is the data sharing an infringement on EU data protection principles?

It has been quite a busy time for the European’s Article 29 Data Protection Working Party (WP29). After writing an open letter to Yahoo addressing the data breach which caused over 500 million users personal details to be stolen, the WP29 has also written to WhatsApp.

The concern surrounds the change in WhatsApp’s privacy settings, where it allowed Facebook to access their users’ data.

Is this an infringement?
read more

By Author

WP29’s open letter to Yahoo to explain mass data breach, involving more than 500 million user accounts

Following the massive Yahoo data leak – which involved over 500 million user accounts being accessed – the EU’s Article 29 Data Protection Working Party (WP29) has put tremendous pressure on the multinational technology company to explain the breach.

This can only be a good thing – these mass data breach organisations need to be held to account, and need to be robustly questioned on how they have managed to allow such breaches to happen!
read more

By Author

“Open data requires the same level of protection as private data” – Sir Tim Berners-Lee warns that not protecting open data could “create chaos”

There are fresh concerns that open data could “create chaos” as the father of the World Wide Web, Sir Tim Berners-Lee, warns that open data should have a public infrastructure, and requires the same level of protection as private data.

As the world continues to rely more and more on data that can be transferred in the blink of an eye, has he got a point?
read more

By Author

“The EU-U.S. Privacy Shield Pact” – The new Atlantic agreement is being challenged by data privacy groups

A recent privacy agreement struck between the U.S. and EU has not gone down very well with privacy groups who are challenging the decision in the Luxembourg-based General Court.

The EU-U.S. pact – dubbed the ‘Privacy Shield’ – was designed by the U.S. Department of Commerce and European Commission to provide companies on both sides of the Atlantic the right to transfer personal data from the EU to the U.S.
read more

By Author

“More control over our data” – The Privacy Commission calls for greater control over personal data in Australia

Australia are reportedly lagging behind many countries in terms of their data protection; as evidenced in the recent Red Cross Blood Service data breach, which was dubbed the “largest data breach in Australian history“.

Now, the Privacy Commission, along with many other organisations, are calling for an independent agency to act as a watchdog of the use of their citizens’ data.

Of course, we welcome such moves.
read more

By Author

“Cheaper car insurance if you give us access to your Facebook profile” – Admiral wants to create a new service which could potentially breach data privacy rights

In the digital age, where technology is growing faster than we can imagine, it serves as an important reminder that data protection and security must be at the forefront of all our minds.

Recently, car insurance company Admiral suggested using Facebook profiles as a way of assessing who should have cheaper car insurance. Facebook has blocked Admiral’s seemingly absurd claims; and rightly so!
read more

By Author

“Largest data breach in Australian history” – 550,000 personal details of blood donors were accessed by an “unauthorised person”

You may have seen the recent news coverage of the huge data breach in Australia involving the Australian Red Cross Blood Service.

It seems they’re the next organisation to face a gruelling investigation into how 550,000 of their patients’ details were accessed by an “unauthorised person”. It has been described as Australia’s largest data breach to date, and it’s a real concern, as most data breaches are.
read more

By Author