Mistaken Identity

Over the past week, numerous excited stories have covered a talk given by James Pavur, an Oxford University researcher and Rhodes Scholar, at the Blackhat Convention in Las Vegas. With his girlfriend’s consent, Pavur made 150 subject access requests in her name. In what the BBC called a ‘privacy hack’ until they were shamed into changing the […]

Read More »

Mates’ Rates

A while ago, I noticed an FOI request sent to the Information Commissioner’s Office on the website What Do They Know? I always keep an eye on requests made to Wilmslow, but this one was especially intriguing. It asked about payments made by ICO to external suppliers and consultants where the work had not been put […]

Read More »

Lateral Thinking

Last week, I wrote a blog about the ‘personal data agency’ Yo-Da, outlining my concerns about their grandiose claims, the lack of detail about how their service works and their hypocritical decision to ignore a subject access request I made to them. Predictably, this led to further online tussles between myself and Benjamin Falk, the […]

Read More »

A Boy’s Best Friend is his Data

Just over a month ago, I enjoyed a series of bad-tempered Twitter exchanges with Benjamin Falk, Founder and “Chief Talker” of the personal data outfit Yo-Da. Falk has an interesting perspective on Data Protection. Instead of coming to DP through the traditional routes of information management, security, governance or the law, Falk is an ‘information economist’. […]

Read More »

The Curse of the Padlock

One of the dangers of working in Data Protection is the risk of becoming a pedant. Precision matters; court cases have turned on the meaning of individual words like ‘likely’ and ‘distress’. The legislation is a maze of definitions and concepts that the competent practitioner needs to get to grips with. Lazy thinking can be […]

Read More »

A cure for blindness

The first time I read the GDPR properly, something leapt out at me. For years, the received wisdom about the subject access and other rights provided by the legislation was that they were ‘applicant blind’. You could ask the person for assistance in locating their data, but you could not ask them why they were […]

Read More »

Home, James

A few months ago, I wrote a blog about data protection and nonsense, highlighting inaccurate claims made by training companies, marketers and pressure groups. A bad tempered spat ensued in comments on LinkedIn between myself and Russell James, the marketer behind the lobbying attempt to change the ICO’s funding model to include cost recovery. James […]

Read More »

Head in the Sandbox

The Information Commissioner’s Office recently held a workshop about their proposed Regulatory Sandbox. The idea of the sandbox is that organisations can come to the ICO with new proposals in order to test out their lawfulness in a safe environment. The hoped-for outcome is that products and services that are at the same time innovative and […]

Read More »

Out of control

The General Secretary of the Labour Party, Jennie Formby, sent a letter to its Deputy Leader, Tom Watson, this week, expressing concern about Watson’s request that complaints about anti-semitism be copied or forwarded to him so that he could ensure that they were being dealt with properly. Formby outlined concerns about the effect on the […]

Read More »