News

Email is the classic GDPR issue - it's not about the system where we store things, it's about the process and how that data is used. So ask yourself, what is the content of the email and what does it relate to?

A recent study conducted by Check Point Research which can be found at the bottom of this article has found that there has been a 29% increase in cyberattacks on organisations in the education sector since 2020, the highest increase of any sector. 

Cyber attacks are on the up, and with the education sector seeing the highest number of cyber attacks of any sector since the start of the pandemic, as well as the highest increase in attacks in that same period

Our news story this week is from TechCrunch, who have an article regarding The European Data Protection Board (EDPB), who have called for the EU to phase out, and eventually prohibit the use of targeted advertising

On the 10th of November 2021, The Supreme Court announced their long awaited decision regarding a lawsuit between Mr Lloyd and Google. The court found unanimously in favour of Google, and dismissed the Court of Appeal’s previous decision.

With biometric technology becoming more and more prevalent in society, the governance of the personal data that organisations collect from using this technology has recently been a topic of discussion.

Another week, another Facebook story. Don’t worry, we're not slowly becoming a Facebook news outlet, they just keep making headlines in the world of data protection, and this time seemingly for a positive reason.

On September 9th, the UK Government published their Consultation Paper on Reforms to the UK Data Protection Regime-'Data: A New Direction', where they outlined proposed changes to GDPR since leaving the EU.

How to share this year’s Nativity play online safety

Schools will have good intentions in wanting to share this year’s Nativity play online. But how do you ensure you do this safely and adhere to the latest data protection regulations? Below is some guidance which will support you in this task.

Over the past few years, there has been a positive drive towards imposing greater regulations on organisations and how and when they collect user data. Users now have more control than ever on being able to consent to the collection of different types of data by apps.

As we’ve spoken about before in past articles, since the pandemic there has been a worrying increase in cyber attacks, with the education sector seeing the highest increase and total number of attacks. Our article on this can be read on our news page.

Judge rules that Amazon Ring doorbells breach GDPR:

A judge in Oxford County Court has ruled that audio recordings from an Amazon Ring doorbell have breached data protection laws. The case involved an individual taking their neighbour to court, stating that the numerous recordings they had from their various cameras they had set up outside their house amounted to harassment and a breach of the Data Protection Act 2018.

With cyberthreats becoming an increasingly worrying issue for organisations and the security of the data they hold, we thought it would be beneficial to write a weekly cyber security threat report

The ICO has published a new code of practice entitled the ‘Data Sharing Code’. The code came into force on October 5th 2021, after being published on September 14th 2021. DLA Piper provides a good overview of the new code of practice, a summary of which can be found below, however if you wish to read their article on the code, you can find it here.

Under UK GDPR, organisations that hold personal information/data about people have a responsibility to ensure that that data is being dealt with in line with the relevant legislation.

Apps targeted at Children removed from the App Store for failing to have a privacy policy

We will be releasing the Phishing Simulation to all schools over the next three weeks. We are currently finalising scenarios and implementation materials prior to final user testing and release.

At Data Protection Education, we are currently working on contacting all school suppliers with the aim of receiving all of their privacy policies and data agreements to ensure they are being GDPR compliant.

The Children’s Code

The first update from the ICO is that the transition year for the introduction of The Children’s Code (also known as The Age Appropriate Design Code) has passed, with the code having come into effect on September 2nd.

Recording staff vaccination data

Firstly, a couple of links as reference...though they don't really tell you the answer - especially the second one which doesn't seem to have been updated post-August 16th:

Schools in Brighton and Hove have received the following Freedom of Information request:

1. Please send me copies/scans/digital files that record individual racist/religious incidents/bullying incidents in terms of numbers of incidents and their