dcsimg

Things to consider when processing biometric data

Biometric data is being used in countless systems these days. If you’ve ever used your fingerprint scan to unlock your phone or facial recognition software, then your biometric data is being processed.  But like any form of data, biometrics – i.e. information relating to individual’s physical, physiological or behavioural characteristics – are potentially accessible by malicious sources, and the … [Read more...]

An overview of the GDPR with Alice Turley, data protection expert

The GDPR (General Data Protection Regulation), which came into effect on 25 May 2018, places obligations on organisations to be more accountable for data protection.   What is personal data?  Personal data is any information relating to an identified or identifiable natural person (data subject). The GDPR places much stronger controls on the processing of special categories of personal data … [Read more...]

The GDPR: How to respond to data subject access requests

The introduction of the GDPR (General Data Protection Regulation) requires all organisations within its scope to give data subjects the right to review the personal data being held on them.  Individuals can make this request by submitting a DSAR (data subject access request), which organisations must respond to by providing:  Confirmation that the individual’s data is being processed.  Access to … [Read more...]

List of data breaches and cyber attacks by region: May 2019

You might have noted that data breaches happen a lot. We post about incidents as often as we can, but it’s practically impossible to keep up.  That’s why we’ve decided to start compiling a monthly list of incidents from stories reported around the globe.  In our inaugural list, we look back at May 2019, in which there were at least 79 reported data breaches.  If we’ve missed anything, let us know … [Read more...]

Helen Dixon reappointed as Ireland’s Data Protection Commissioner for a second term

Helen Dixon has been reappointed as DPC (Data Protection Commissioner) until 2024 following government approval.   Announcing the decision, Charlie Flanagan, Minister for Justice and Equality, said: “Helen is internationally well regarded for her expertise in this area. This is a very important role as Ireland’s Data Protection Commission is the EU’s lead regulator for the many multinational … [Read more...]

The GDPR: When do you need to seek consent?

One of the most misunderstood aspects of the GDPR (General Data Protection Regulation) is its consent requirements. Many people believe that organisations must get consent to process personal data, but that’s not true. Consent is only one of the six lawful grounds you can seek, and it’s generally regarded as the least preferable option. Where possible, you should seek one of the following … [Read more...]

What we’ve learned about the GDPR in its first year

This time last year, organisations were scrambling to meet the compliance deadline for the GDPR (General Data Protection Regulation), people’s inboxes were flooded with last-minute pleas for consent and social media was rammed with GDPR memes.  Twelve months later and the commotion surrounding the Regulation has calmed, but its impact remains. In this blog, we look at the effects the GDPR has had … [Read more...]

The Data Protection and Privacy Glossary

Understanding and complying with data protection and privacy regulations is hard enough. With all of the jargon and acronyms thrown around, it can sometimes feel like lawyers and regulators don't want you to understand. Fear not, we've put together a comprehensive data protection and privacy glossary to help you sort it all out.  … [Read more...]

How to write GDPR-compliant consent forms

The new consent requirements introduced in the GDPR (General Data Protection Regulation) mean you need to be extra vigilant when it comes to requesting information. The rules for lawful consent are much tougher than in the past, and savvy data subjects will be bound to query anything that seems suspicious.  You can be sure your data processing activities meet the GDPR’s consent … [Read more...]

Burger King data breach potentially exposed the data of thousands of children

Kool King, an online shop owned by Burger King, had thousands of customer records exposed through an unsecured database, which was discovered last week.  The website allows customers who purchase from the children’s menu in Burger King, France to access content, including games, films and activities, after creating a profile on the platform.   The breached database, which potentially contained the … [Read more...]