ICO fines Facebook £500,000 for breaches of data protection law

ICO

The ICO have issued a fine of £500,000 to Facebook in light of serious breaches of data protection law. This was the maximum fine that could be issued under the Data Protection Act that was in place at the time of the breaches, under GDPR the fines could have been considerably higher.

Facebook have been found to have processed the personal information of users unfairly, notably allowing developers access to personal information without sufficiently clear and informed consent. Access was even granted to users information who had not downloaded the app, but were friends of users who had.

Additionally, Facebook failed to make suitable checks on the apps and developers using their system. One developer was able to harvest the personal information of up to 87 million users worldwide, without their knowledge.

After the Cambridge Analytica story broke and the breach of data protection was identified, Facebook failed to manage the breached data, waiting almost 3 years before suspending some developers access to the system.

Links

Facebook failed to sufficiently protect the privacy of its users before, during and after the unlawful processing of this data. A company of its size and expertise should have known better and it should have done better.

Elizabeth Denham
Information Commissioner
GDPR General Data Protection Regulation

General Data Protection Regulations

Data Protection Act 2018

The GDPR UK implementation and the UK Data Protection Act 2018 govern how organisations can process personally identifying information.

If your organisation needs to process personal information, it needs to be registered on the ICO database, and have a Data Protection Policy in place detailing the use of personal information.

Personal Information is any information that can identify an individual, such as employee names, customer id’s or CCTV footage.

If you need help assessing your GDPR compliance, contact us immediately for a GDPR review.

GDPR General Data Protection Regulation Logo

Encrypting Email & Attachments

Encrypted Email

There’s a growing awareness of the importance of keeping your information secure and many people are now looking at ways to protect their internet communications. With Google upping the standards on secure HTTP connections and the GDPR re-emphasising the importance of protecting information both in your care and during transport, attention has been turned to the insecure, ubiquitous, e-mail.

[bg_collapse view=”button-orange” color=”#4a4949″ icon=”arrow” expand_text=”Show Index” collapse_text=”Hide Index” ]History Of Email | Problems With Encryption | Entire Email Encryption | S/MIME | OpenPGP | Email Signing | Attachment/File Encryption | SEEOTI | STARTTLS | Secure Email | Bitmessage | End To End | [/bg_collapse]

Read more

Cyber Security Breaches 2018

Cyber Security Sqr

Cyber Security Review 2018

With only a month to go until the new Data Privacy regulations come into force, we;ve taken a look at the Cyber Security Breaches report released from the Department of Digital, Culture, Media & Sport. Read more

GDPR: Photos & CCTV

Camera

Are you GDPR Ready?

“,”serverSync”:”2018/06/13 11:55:14″}’>

General Data Protection Regulation

If you’re primary business is photography, have you considered the impact the GDPR is going to have on you and how you operate?

What about if you have CCTV that monitors and records an area that members of the public can access? Read more

What Does Facebook Know About You?

Facebook Title

Facebook now say Cambridge Analytica had access to 87 million accounts

“It is reasonable to expect that if you had that [default] setting turned on, that in the last several years someone has probably accessed your public information in this way
Mark Zuckerberg (BBC News)
Mark Zuckerberg has said that 1.1 million of the accounts improperly accessed by the political consultancy were from UK based users. He said that some malicious services had used a facility that allowed them to link the public profile of a user to an email or mobile phone number acquired elsewhere. Read more

Data breaches from within the workplace

tinsleyNET Email Services

tinsleyNET Email Services

Protecting your businesses precious data

As we roll on towards the European Union General Data Protection Regulation early next year, it’s becoming even more important for companies of all sizes to tackle data security within their structure. Small businesses may have a simpler organisational setup but lack the required skills and resources to manage their data within the new regulations framework, and medium sized enterprises might have some in-house IT skills, but a massively more complex data structure and processing setup that are adding to data security issues. Read more

Security

tinsleyNET Security
tinsleyNET Data Security

Security & Planning

Being able to plan for every eventuality would be a massive undertaking, so complex that you would spend all your time planning for the worst and not actually get anything else done.

But not planning enough could be your downfall if something unexpected goes wrong. So there needs to be a compromise, how much security and planning is enough?

Individuality

The level of security you need to take is completely unique to your business and your needs. But there’s one thing for sure, the security you need can not be bought pre-packed in an off-the-shelf solution, not if you want it to actually work.

What is security?

tinsleyNET Data Security

What do you think of when you consider the security you need?

For some it’s about personal security, either for yourself or a vulnerable relative, others might think of property security such as CCTV, dash-cams, digital door locks and remote entry systems. Then there’s digital security and that can encompass a wide range of things such as networks, documents, photos and portable devices.

  • Precious Data retention
    Keeping a secure and effective backup of your precious data, be it corporate accounts files or the irreplaceable photos on your phone, we all have precious data that needs looking after.
  • Company Network Security
    With so many data breaches being reported on the news it’s impossible to not be aware of the damage to your companies reputation a breach of data could cause.
    • Was the breach from outside your company or from inside?
    • Was the data protected under the law?
    • Who do you need to notify?
    • How can you prevent it happening again?
    • How can you meet expectations?
  • Home Network Security
    The security of home networks is just as vital as the security of business networks. Your home network could be breached for a number of reasons; to infect home devices with malware, to steal data and information, to take over your network connected IoT devices
  • Personal Device Security
    The security of your personal devices, such as smartphones and tablets, is even more crucial now that so much personal information is being stored on them, along with all your photos.
  • Identity Security
    Protecting your identity is key to all security, having the correct privacy settings in place on social media is only the start. You need to be aware of all the methods being used to scam users, from fake profiles to fraudulent apps, making sure you know what you’re clicking before you click is paramount.
tinsleyNET IT Servces Consultants #WeCanHelp

#WeCanHelp

Whatever your security needs, we can design and deliver the solution to meet them.

From home users to corporate networks, we can supply you with the most efficient security solution to help keep you, your company and your precious data safe.

Recovery

tinsleyNET Data Recovery
tinsleyNET Data Recovery Services

Sometimes, the worst happens…

It’s no good dwelling on the fact that you should have had backups of that critical data when the hard disk drive containing the only copy has started making funny noises and is refusing to work.

Try to minimise damage

Hard disk drives have mechanical moving parts just like a needle and arm on a record player (not sure what a record player is? please don’t make us feel that old!!) so at the first sign of something going wrong, stop trying to use the disk. Immediately.

If you know how to, unplug it from the computer and handle it carefully.

Data can probably be recovered from a hard disk with a faulty actuator arm or damaged read/write heads, it can’t be recovered from a hard disk that’s had the heads repeatedly scratched all over the surface of the disk.

SSD

Modern solid state drives are a different matter, no moving parts to worry about, but also no physical medium that can be searched for missing data. That’s not to say that your data is absolutely lost, but getting the drive assessed quickly is paramount.

tinsleyNET IT Servces Consultants #WeCanHelp

#WeCanHelp

If you have a hard disk that’s stopped working, unplug it if it’s external, or turn off the PC/laptop that it’s in then contact us immediately.

It could be a fault on the power side of the hard disk, and so recovery of the data should be fairly easy, but if there is damage to the internal read/write mechanism, it will need to be opened in a specialised clean room and the platters removed by professionals.

If you’ve accidentally deleted data from a device, stop using it to try to preserve the data, turn it off and then contact us.

We can help try to recover your lost data.