theguardian -- Data protection

Just Eat driver 'sent unwanted messages' to female customer
Tue, 16 Jan 2018 13:27:11 GMT

Takeaway app criticised for response to woman who complained about inappropriate messages

The Information Commissioner’s Office is investigating allegations that a delivery driver used a customer’s mobile number to send her inappropriate messages after dropping off the food she had ordered via the takeaway app Just Eat.

The firm was criticised over its response to the complaint from Michelle Midwinter, who said she received a series of late-night messages from the driver, saying he was “a fan” and asking if she had a boyfriend. “Good night baby see you next time when I get your meal,” he allegedly wrote.

Just a snippet of Just Eat’s response to my receiving unsolicited messages from the guy who had just delivered my food. Nice one Just Eat! Apart from him using my number in this way surely being in breach of privacy laws etc, they don’t really seem to take it seriously do they??

If you have experienced an issue similar to that in the story our journalists would like to hear from you.

Continue reading...
Carphone Warehouse fined for 'striking' number of failures that led to data breach
Wed, 10 Jan 2018 12:37:41 GMT

Information Commissioner’s Office fines company £400,000 for ‘concerning’ security issues following investigation of hack of 3m customers’ data

Carphone Warehouse has been fined £400,000 by the Information Commissioner’s Office for a series of “systemic failures” uncovered following a data breach in 2015.

The ICO described the “number of distinct and significant inadequacies in the security arrangements” of Carphone Warehouse as “striking”, and said that it was “ particularly concerning that a number of the inadequacies related to basic, commonplace measures”.

Continue reading...
Data protection bill amended to protect security researchers
Tue, 09 Jan 2018 18:45:59 GMT

Exemption added after researchers said efforts to demonstrate inadequate anonymisation could fall foul of law

The government is to amend the data protection bill to protect security researchers who work to uncover abuses of personal data, quelling fears that the bill could accidentally criminalise legitimate research.

The move follows a Guardian report on the concerns, and has been welcomed by one of the researchers who raised the alarm. “I am very happy with the amendments,” said Lukasz Olejnik, an independent cybersecurity and privacy researcher.

Continue reading...
Hacked and hacked off: without change this new data law will fail victims | Alex Neill
Tue, 09 Jan 2018 13:00:19 GMT
The data protection bill must be amended so independent organisations acting in the public interest can help consumers to get proper redress

• Alex Neill is managing director of home products and services at Which?

Your name, your email address, your home address, your bank details, your credit or debit card details. You probably cannot count the number of times that you have been asked to share these important pieces of personal data with a company or organisation in the past weeks or months. As more and more of us report sharing an ever increasing volume of our personal information online, is enough being done to keep it safe?

The more information we share, the greater the risk there is of us falling victim to a data breach. While in some cases you may just need to update all your passwords, the loss of more important, personal data could have serious consequences, including leaving you at greater risk of being subject to fraud. Over the past year, we have seen reports of high-profile hacks of numerous organisations – Yahoo, Uber and Equifax to name just three.

There is still no system in place for consumers affected by a data breach to seek collective redress

Related: New law could criminalise uncovering personal data abuses, advocate warns

Continue reading...
Insurance firm and two senior figures handed record data breach fines
Fri, 05 Jan 2018 18:04:11 GMT

Fines totalling more than £150,000 handed down over use of private detectives to illegally obtain private banking records

An insurance firm and two senior figures connected with the company have been given record fines for using private detectives to illegally obtain the private banking records of a businessman they were investigating.

The fines, totalling more than £150,000, were described by an official watchdog as the highest ever imposed under the Data Protection Act for unlawfully acquiring personal information.

Related: Companies accused of using rogue private eyes face investigation

Continue reading...
Personal data of a billion Indians sold online for £6, report claims
Thu, 04 Jan 2018 11:20:32 GMT

Newspaper says it bought access to details from world’s largest biometric database, used to administer public services

The personal information of more than a billion Indians stored in the world’s largest biometric database can be bought online for less than £6, according to an investigation by an Indian newspaper.

The reported breach is the latest in a series of alleged leaks from the Aadhaar database, which has been collecting the photographs, thumbprints, retina scans and other identifying details of every Indian citizen.

Related: India goes from village to village to compile world’s biggest ID database

Related: No ID, no benefits: thousands could lose lifeline under India’s biometric scheme

Continue reading...
Public interest journalism faces a serious threat from Paradise
Sun, 24 Dec 2017 07:00:44 GMT
The offshore law firm at the heart of the Paradise Papers leak has chosen to sue in Britain for good – and worrying – reasons

The Paradise Papers investigation into the dubious tax schemes of the world’s wealthiest inhabitants involved 96 media organisations across 67 countries. Appleby, the offshore law firm at the heart of the story, has launched breach-of-confidence proceedings against just two: the Guardian and the BBC.

Appleby has not suggested that the stories about tax havens and abuses aren’t true. After a statement that it was “obliged to take legal action in order to ascertain what information has been stolen” it has made no further comment. So one can only surmise that Appleby rates its chances of convincing a British court to find in its favour.

Continue reading...
Facebook use of third-party apps 'violates data protection principles'
Tue, 19 Dec 2017 18:00:46 GMT

German watchdog accuses site of merging data from WhatsApp and Instagram into users’ Facebook accounts without consent

Germany’s competition authority has accused Facebook of abusing its dominant market position to improperly amass third-party data on its users.

A statement released on Tuesday criticised the world’s largest social media site for collecting data via Facebook-owned services, such as WhatsApp or Instagram, and then absorbing it into users’ Facebook accounts.

Continue reading...
France orders WhatsApp to stop sharing user data with Facebook without consent
Tue, 19 Dec 2017 09:45:28 GMT

Messaging app has one month to comply or it will face sanctions for sharing user phone numbers and usage data for ‘business intelligence’ purposes

WhatsApp has been ordered to stop sharing user data with parent company Facebook or face sanctions.

The French data protection agency, Commission Nationale de l’Informatique et des Libertés (CNIL), said on Monday that WhatsApp did not have a legal basis to share user data under French law for “business intelligence” purposes. The messaging app must cease data sharing within a month, paying particular attention to obtaining users’ consent.

The European Union's new stronger, unified data protection laws, the General Data Protection Regulation (GDPR), will come into force on 25 May 2018, after more than six years in the making.

Continue reading...
Ukip to face tribunal over use of data in EU referendum campaign
Wed, 13 Dec 2017 16:25:52 GMT

Information commissioner announces inquiry into parties’ use of personal information after Ukip’s refusal to cooperate

Ukip is to face a tribunal over its use of analytics during the EU referendum after refusing to cooperate with an investigation by the Information Commissioner’s Office.

The ICO announced a formal investigation into how political parties use data analytics to target voters in response to concern about how social media was used during the referendum.

Continue reading...