Blogs

Return to Sender: Data Breaches and Email Correspondence

14th May 2020

Data controllers in both the private and public sector issue and receive large volumes of email correspondence on a daily basis. While email is a valued and effective communication tool, it can be the source of a number of common data protection breaches. Typically, most data breaches involving email tend to be a result of human error. Unintended email disclosures, depending on the content, can result in a risk to the rights and freedoms of the data subjects affected.   Common errors recently encountered by the DPC ...

Tips for Avoiding Data Breaches

01st May 2020

During the Coronavirus (COVID-19) pandemic, the DPC knows you might need to share or collect information quickly to adapt to the demanding circumstances we all face and to maintain normal functions as far as possible. One of the heightened risks at this time is that you might suffer a ‘data breach’, which leads to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data. ...

Data Protection Tips for Video-conferencing

03rd April 2020

In light of the recent increase in remote working, necessitated by COVID-19 mitigation measures, as well as the increased numbers keeping in touch online with friends and family, the number of people video-conferencing and video-calling has increased dramatically. This has also resulted in people using apps and services which they might not have used before, or are now using for different reasons – i.e. using an app they usually use for personal purposes now for work purposes or vice versa. ...

Staying safe online during a pandemic

26th March 2020

During the COVID-19 pandemic we have seen support being offered from all parts of society, as well as innovative solutions and tools being developed and implemented. Nevertheless, in a rapidly changing environment, it’s important that we all take steps to ensure that we stay safe in our online interactions, particularly when there are so many COVID-19-related scams to trick people into sharing their personal data or to gain access to their devices. ...

Data Protection and COVID-19

06th March 2020

Governments, as well as public, private, and voluntary organisations are taking necessary steps to contain the spread and mitigate the effects of COVID-19, widely referred to as the ‘coronavirus’. Many of these steps will involve the processing of personal data (such as name, address, workplace, travel details) of individuals, including in many cases sensitive, ‘special category’ personal data (such as data relating to health). ...

Does the GDPR Really Say That? – Attendee Lists and Name Tags

28th February 2020

The misunderstanding that conferences, workshops and events can’t share the details of attendees because of the GDPR is one that many people may have come across. Attendees of workshops, conferences, or events have been told that the organisers couldn’t share an attendance list, or that name plates or badges couldn’t be produced, because the organisers were worried about the GDPR. ...

Operationalising accountability through Codes of Conduct and Certification

07th February 2020

Accountability - GDPR Article 5.2… “The controller shall be responsible for, and be able to demonstrate compliance with, paragraph 1 [the principles of data protection]” As one of the GDPR’s most important innovations, the principle of accountability (Article 5.2 in the GDPR) means that organisations processing personal data must: ...

Opinions - Everyone’s got one, but does data protection law apply to them?

24th January 2020

Something that the Data Protection Commission (DPC) comes across from time to time are disputes over ‘opinions’ about a person that have been recorded or used in some way. People can have strong views over whether opinions are fair or correct, and they can involve issues such as freedom of expression and confidentiality – so disputes in these cases can become both contentious and complicated. Therefore, in this blog post we’ll aim to cover some of the basic issues which can arise where opinions come into contact with data protection law. ...