Green CDL offers free EU data protection consultation

If you in any way have any dealings within the EU from 1st January data protection rules will change. Green CDL is offering a free initial consultation with our lawyer to advise what steps you need to take. Time is running out, you need to take action now.

European Commission releases draft Standard Contractual Clauses for consultation

On 12 November the European Commission released its draft implementing decision and re-drafted sets of Standard Contractual Clauses. There will now be a 4 week consultation period ending on 10 December 2020. John Green, a data protection lawyer from Green CDL says “unfortunately these are unlikely to be approved before the end of the transition period for the UK meaning organisations relying upon these as a safeguard will need to prepare new contracts sometime in the New Year.”

Resident Evil game maker hit with cyber attack

Capcom, makers of popular games such as Resident Evil and Street Fighter, has confirmed that its computer systems have been hacked. It said some of its internal networks had been suspended “due to unauthorised access” from outside Capcom. It further said that “at present” there was no sign that customer information had been accessed. Emma Green, Cyber Security and Data Protection analysist from Green CDL says “no evidence of customer information having been compromised does not mean that it hasn’t”.

ICO finds seven UK political parties failing at data protection

The ICO audited the parties’ data protection practices and made a number of recommendations for improvements, it is understood 70% of the findings were classified as urgent or high priority.

Key recommendations for the parties include:

  • providing the public with clear information at the outset about how their data will be used;
  • telling individuals when they use intrusive profiling such as combining information about those individuals from several different sources to find out more about their voting characteristics and interests;
  • being transparent when using personal data to profile and then target people with marketing via social media platforms;
  • being able to demonstrate that they are accountable, showing how parties meet their obligations and protect people’s rights;
  • carrying out thorough checks on all contracted and potential processors and third party suppliers to gain assurances that they comply with the key transparency, security and accountability requirements of data protection law and;
  • reviewing their lawful bases for the different types of processing of personal data used to ensure the most appropriate basis is used