We have become used to hearing stories of data breaches caused by hacking and ransomware, including the news last week that there has been a security breach of the electoral register in which names and addresses of voters have been accessed, potentially as far back as August 2021. However, the recent news from Northern Ireland has served as a reminder that human error can also result in significant data breaches.
When the GDPR first came into force five years ago, the big headline-grabber was the potential for large fines – up to €20m or 4% of annual global turnover, whichever is higher. In recent months we have seen some significant penalties being applied by UK and EU supervisory authorities, and the news this week from the Irish Data Protection Commission was that it had concluded its investigation into Facebook parent company Meta and decided to issue it with an administrative fine of €1.2billion in respect of its data transfers to the US.
The ICO has issued another headline-grabbing fine to a social media company – this time to TikTok, who have been fined £12.7 million for misusing children’s data, in particular by processing personal data of children aged under 13 without parental consent and taking insufficient steps to check the age of those using their platform and removing those underage.
On 8 March 2023, the government withdrew its previous data protection bill, which had been scheduled for a second reading, and instead published a revised new bill, the Data Protection and Digital Information (No. 2) Bill.
ABERDEEN OFFICE
28 Albyn Place, Aberdeen AB10 1YL
Tel: +44 1224 845845
INVERNESS OFFICE
Camas House, Fairways Business Park, Inverness IV2 6AA
Tel: + 44 1463 713225
Stronachs LLP is a limited liability partnership registered in Scotland.
Registered number SO301806.
View our Privacy Notice here.
© Copyright 2024 Stronachs LLP. All rights reserved.
