4/26/22, 1:13 PM
Latest news from ICO
Welcome to the ICO's Apr 2022 e-newsletter You have received this email as example@emailaddress.test is currently subscribed to receive ICO communications. Click to unsubscribe Online version
Add to safe senders Preference centre Privacy notice
ICO's March e-newsletter Welcome from John Edwards, the Information Commissioner In an age where data protection and privacy can be such broad topics, the fundamentals of keeping data secure are sometimes forgotten. That is the picture we’ve seen at the ICO. The number of cyber related data breaches is up nearly 20% over the past two years, and our experience is that many organisations need to take some of the more basic steps to protect information. Such steps are especially important as we see the unsettling pictures of events in Ukraine. As we flagged in last month’s newsletter, the National Cyber Security Centre is advising organisations to take the opportunity to strengthen cyber resilience. That might mean technical measures, but it can also mean increased vigilance, making sure systems are patched and up to date, and reminding staff of good practice around email and phishing attacks. There is a wealth of advice and guidance available to organisations, from the NCSC’s Cyber Essentials advice to guidance on our own ICO website. Our practical steps to keep IT systems safe are a great place to start, and we’ve also published guidance around ransomware this week. Cyber security is an important area for all, from big public sector organisations to small businesses. People need confidence in their privacy in order to share their data to access innovations and services. Good data security practices benefit us all. John https://newsletter.ico.org.uk/q/1AFUTiv9EP/wv
1/7
4/26/22, 1:13 PM
Latest news from ICO
News from the ICO
Do you still want to receive the ICO newsletter? We want to be sure you only get email updates from us if you want to. We’re asking all our newsletter subscribers to answer the question – “Do you still want to get the ICO newsletter?”. Those who answer no will be unsubscribed immediately. Those who do not answer before July 2022 will also be unsubscribed. So, if you wish to keep hearing from us, let us know now by visiting our new preference centre. You can also let us know more about what subjects and sectors you are interested in hearing about – these can be changed at any time. We have recently updated our privacy notice to reflect the creation of the preference centre. Don’t forget, if you want to keep hearing from the ICO, you must answer YES to the question “do you still want to receive the ICO newsletter?"
Register your interest in the Data Protection Practitioners Conference The 2022 edition of our Data Protection Practitioners Conference will take place in July. Ahead of this, we are inviting you to register your interest - please note that this is not a commitment of attendance nor does it guarantee a place at any element which may take https://newsletter.ico.org.uk/q/1AFUTiv9EP/wv
2/7
4/26/22, 1:13 PM
Latest news from ICO
place in person. As soon as the date can be confirmed, we will contact you via email. Register your interest now.
We want your views on our anonymisation guidance We've published the latest chapter in our series of anonymisation guidance, focusing on accountability and governance. Chapter 4 explains the governance approach you should take when you anonymise personal data. This is draft guidance and so we're interested to hear your thoughts on how we could improve the guidance to better support you in your work. Read all four published chapters and let us know your thoughts.
Ransomware and data protection compliance As discussed above, good data security practices are crucial. The National Cyber Security Centre recognises ransomware as the biggest cyber threat facing the United Kingdom, and our personal data breach caseload in 2020/21 saw a steady increase in the number and severity of breaches caused by ransomware. Our new guidance presents eight scenarios about the common ransomware compliance issues we have seen, including attacker tactics, testing and assessing security controls and breach notification. Read the guidance on our website.
New guidance on video surveillance We have developed this guidance to help organisations in the public and private sector, who use video surveillance systems to collect and process personal data. It will help you to stay within the legal requirements of the UK General Data Protection Regulation. Read the guidance on our website.
https://newsletter.ico.org.uk/q/1AFUTiv9EP/wv
3/7
4/26/22, 1:13 PM
Latest news from ICO
ICO in the media Updated guidance on vexatious requests We’ve recently updated our FOI guidance on section 14(1) vexatious requests. The update reflects changes to caselaw in more detail. The guidance provides public authorities with practical advice when deciding if a request is vexatious, and how to handle vexatious requests.
Earlier this month, John Edwards was interviewed by the Telegraph about the opportunities for data protection in the UK post-Brexit, saying that data protection rules should not be “regulations for regulation’s sake”. You can read more from the interview, and find out about our other media engagements this month, on our ICO in the media page. Read more
Read more on our blog about our information rights work.
Read more
Events and engagement opportunities
Draft Regulatory Action Policy out for consultation Your Views Matter We are still looking for your views on the services we offer. Our Your Views Matter campaign, launched in January, is a listening exercise to hear direct from businesses, organisations and people about their experiences of https://newsletter.ico.org.uk/q/1AFUTiv9EP/wv
You have until 24 March to tell us your thoughts on our draft Regulatory Action Policy, statutory guidance on our regulatory action and statutory guidance on our PECR powers. These three documents set out how we aim to carry out our mission to uphold information rights for the UK 4/7
4/26/22, 1:13 PM
Latest news from ICO
working with the ICO.
public in the digital age.
We are holding a series of events across the UK, and you can also contribute to the conversation online via a survey.
Find out more and respond to the consultations on our website. Read more
Read more
Tell us your views on our draft right of access guidance Tomorrow (11 March) is the final day of our consultation on the draft guidance covering right of access for competent authorities. The right of access in Part 3 of the Data Protection Act 2018 is a fundamental right that applies to competent authorities. It is more commonly known as the right to make a subject access request. We have now drafted detailed guidance which explains in greater detail the rights that individuals have to access their personal data and the obligations on competent authorities.
Our innovation services help us to help you We are here to support all organisations. Whether you’re a small fintech start-up or a large public sector organisation using personal data to improve health outcomes, our innovation services are here to help. In order to help us in our aim, we need to hear from you. By answering our short survey you’ll ensure that we offer the right innovation services for organisations like yours in the future. Let us know your thoughts in our survey. Read more
The consultation is open until 5pm on 11 March. Read more
Action we've taken https://newsletter.ico.org.uk/q/1AFUTiv9EP/wv
5/7
4/26/22, 1:13 PM
Latest news from ICO
ICO reprimands Scottish Government We have issued a reprimand to the Scottish Government and NHS National Services Scotland over both organisations’ failure to provide people with clear information about how their personal information - including sensitive health data – is being used by the NHS Scotland COVID Status app. You can read more about our concerns over the app on our website.
More action we've taken this month We have issued monetary penalty notices to the following organisations: The Money Hive Limited Royal Mail Group Limited Tuckers Solicitors LLP
Looking for a new career? Take a look at the wide range of career opportunities at the ICO and the exciting future we could offer you: Legal Director, Policy and Advice Legal Director, Litigation Legal Director, Regulatory Enforcement Programme Manager (Strategic Change and Transformation) Delivery Manager, Digital Regulation Cooperation Forum Portfolio Manager (Strategic Change and Transformation) https://newsletter.ico.org.uk/q/1AFUTiv9EP/wv
6/7
4/26/22, 1:13 PM
Latest news from ICO
Product Engineer – Microsoft 365 Lead Policy Officer Accredited Financial Investigator Principal Policy Adviser – Technology and Innovation Team Manager – FOI Casework
Unsubscribe
If you wish to unsubscribe, please click on the link below. Please note this is an automated operation. http://newsletter.ico.org.uk/u/1hxK5UzxaQ
https://newsletter.ico.org.uk/q/1AFUTiv9EP/wv
7/7