Back in late June, you will have seen the publication of the Data Protection Commissioner’s Annual Report, a summary of which is now available at on the Commissioner’s web-site at http://bit.ly/1K84w70. This is the first Annual Report since Ms Helen Dixon became Commissioner, and sets out some clear indications of the areas in which she and her expanded staff will focus in the coming year.
July brought us the Eircode, after much discussion and fanfare. Slowly but surely, the codes are starting to appear on letters and packages, and I have been asked for my code several times in recent weeks – both for my home address and for our office. Since use of the Eircode is not mandatory, it is likely to take a long time before it has the same level of usage as the equivalent codes in the UK, Germany or the US ‘zip code’. In the meantime many organisations are still considering whether to make the required changes to their data bases and registration forms in order to accommodate the new code – we will continue to ‘watch that space’.
There have been several interesting DP-related stories in the media in recent weeks – including the possible theft of c 90,000 customer records and credit card details from the Carphone Warehouse, and the theft of the data of dozens of third-level students, when hackers ‘scraped’ the Susi web-site and posed as the grant applications service to seek their bank and credit card details.
Of course, these breaches pale into insignificance when compared with the estimated 32 million records stolen and published by the ‘high-minded’ individuals behind the hack of the Ashley Madison website. Setting aside the raison d’etre for the site (motto – “Life is Short. Have an Affair”), we are only beginning to see the devastating consequences which this mass disclosure of personal data will have on individual lives, careers and relationships.
Without getting into the debate on the rights and wrongs of such a site (that’s for another day!), there are a lot of sobering lessons to be learned by any organisation which commits to keeping its subscriber data safe, secure and confidential.
Sytorus continues to get busier in this space, and we are constantly challenged by the new perspectives which our clients bring to our door.
Whether planning a Direct Marketing campaign, seeking to formalise their data storage solution, or considering the engagement of a new service provider, it is great to see these organisations thinking about Data Protection as a key element, early in the design stage of their data management projects.
This bodes well for the proposed new General Data Protection Regulation, due to be signed off by the end of the year, which will introduce the principle of ‘Privacy By Design’ as a fundamental obligation for Data Controllers in the coming years. We will be providing more detail on the new Regulation in our next newsletter, as the final wording of the new legislation is published.
In the meantime, feel free to visit our new web-site – a one-stop data protection resource and information hub called ‘Privacy Engine’ at https://www.privacyengine.io. Feel free to avail of the free, one-month trial and please let us know what you think!
Lastly, a date for the diaries – our last DP Primer Training course of the year will run on November 26 + 27 at our Capel Building office – for more information, call us on 01) 683 3312.
We look forward to getting in touch soon again, and if we can be of any support with your Data Protection questions, please don’t hesitate to give us a call.