The ICO has published guidance revealing how it will enforce data protection legislation. Find out more here.
News
ICO reveals how it will enforce data protection legislation
The ICO has published guidance revealing how it will enforce data protection legislation. Find out more here.
News
Damages awarded against school for misuse of pupil information
Damages have been awarded against a school for the misuse of pupil information. Find out more here.
News
‘Nuisance’ Subject Access Requests not supported by High Court
Court gets tough on ‘nuisance’ Subject Access Requests. Find out more here.
News
Data protection headache for Hospitality & Leisure sectors
How compulsory data collection rules for hospitality & leisure sector could cause data protection headache for some. Find out more here.
News
ICO updates its regulatory approach in response to coronavirus
ICO updates its regulatory approach in response to the coronavirus pandemic. Find out more here.
News
Luxottica suffers cyber attack disrupting operations
Luxottica, the Italian eyewear conglomerate and the world’s largest company in the eyewear industry, best known for its brands Ray-Ban, Persol and Oakley, has suffered a cyber-attack that disrupted its operations in Italy and China. Find out more here.
News
A National Data Strategy for the UK published by Government
The UK Government has published a National Data Strategy that outlines five plans of action to capitalise on the opportunities data offers. Find out more here.
News
Major retailer fined €35.3 million for breach of GDPR
Major retailer, H&M, fined €35.3 million for breach of GDPR. Find out more here.
News
Investigation into Google, Apple, and Dropbox cloud services
The Italian Competition Authority has started an investigation into Google, Apple and Dropbox in relation to their cloud computing services for potentially unfair commercial practices, as well as in relation to the presence of unfair clauses in contractual terms. Find out more here.
News
Morgan Stanley sued for failing to secure personal data
In the USA a class action has been issued alleging failures by Morgan Stanley to safeguard personal data, leading to a data breach. Find out more here.
News
Vodafone fined €100,000 for sending unwanted emails
The Spanish data protection authority has fined Vodafone for continuing to send emails to someone who had requested the deletion of their data. Find out more here.
News
Bank fined €50,000 for GDPR violation by Spanish regulator
The Spanish data protection authority has fined a bank €50,000. Bankia S.A. breached the GDPR by retaining personal data of an individual for more than 16 years. Find out more here.
News
Pulse Secure data breach leaks details of 900 organisations
The French data protection authority (CNIL) has issued a statement following Pulse Secure data breach. Find out more here.
News
Photo reader device warning from French Regulator
The French data protection authority (CNIL) has announced that it has issued formal warnings to some organisations about their photo reader devices. Find out more here.
News
McDonald’s data breach investigated by data protection regulator
The Polish Data Protection Regulator has launched an investigation into McDonald’s after someone gained unauthorised access to employee information. Find out more here.
News
Google sued for collecting user data without consent
Three class actions have been launched against Google (in Canada) accusing it of collecting user data without consent, including for online advertising purposes. Find out more here.
News
Video surveillance guidance for private organisations
A German Data Protection regulator, DSK, has issued guidance on video surveillance by non-public bodies under the GDPR. Find out more here.
News
EU Data Protection Regulator suffers data breach!
The Danish data protection authority has announced that it has itself suffered a personal data breach. Read what happened here.
News
Apple’s iOS 14 wants your agreement for advertisements
Apple’s iOS 14 will require that all apps receive user consent in order to access an iPhone’s unique advertising identifier. Read more here.
News
Failure to delete personal data leads to potential £133k fine
Arp-Hansen Hotel Group (A-H Group) to the police for failure to delete the personal data of customers in violation of the GDPR. Read more here.
News
Impact of the CJEU decision on online advertising addressed
Interactive Advertising Bureau has published FAQs addressing the impact of the CJEU’s decision that the Privacy Shield is an invalid mechanism to transfer personal data the the US. Read more here.
News
Mitsubishi data breach caused by remote working malware
Mitsubishi has announced that its group network used by employees whilst working from home was accessed by unauthorised third-party malware and malicious social engineering. Read more here.
News
Oracle and Salesforce to be sued for breaching ‘cookie law’
Oracle and Salesforce are to be sued according to Forbes class-action lawsuits filed in the UK and Netherlands. Read more here.
News
The Age Appropriate Design Code to come into force
The Age Appropriate Design Code has completed the Parliamentary process and will come into force on 2nd September 2020. Read more here.
News
Unsolicited marketing messages result in £100,000 fine
The ICO has issued a fine of £100,000 against a company for sending unsolicited marketing messages to subscribers without their consent. Read more here.
News
Failure to implement effective risk assessment processes leads to $80m fine
In the US, Capital One has been fined $80m for failing to implement effective risk assessment processes. Read more here.
News
Talking is not covered by data protection laws
In the UK the High Court ruled that talking is not covered by data protection laws. They said that oral disclosures (in this case provided during a telephone call) do not constitute ‘data’ and consequently do not fall within the scope of the GDPR. Read more here.
News
French data protection regulator puts the boot into Spartoo
The French Data Protection Authority (the CNIL) has levied a fine of €250,000 on online shoe retailer, Spartoo, for various infringements of the GDPR. Read more here.
News
Employer to pay damages for failure to comply
In Germany a court has awarded a former employee €5,000 in damages for failing to comply with a Subject Access Request (SAR). Read more here.
News
Company fined €250,000 for multiple GDPR violations, including data minimisation and retention
The French data protection authority has imposed a €250,000 fine on a company for violating multiple provisions of the GDPR. Read more here.
News
Why data protection is becoming increasingly important to business
New laws and court decisions reflect a broader trend within the global privacy and regulatory environment that is making it more difficult to transfer data across borders. Read why here.
News
Cyber security is about protecting property, not just data
Ransomware attacks leads to the shutdown of the CCTV and turnstile systems of an English Football League club. Read more here.
News
Sport & cyber security
The NCSC releases new report that reveals 70% of sports institutions in the UK have suffered a cyber attack. Read more here.
News
£133.5k fine for not deleting data
The High Court has awarded two people damages (compensation) for breach of data protection law. Read more here.
News
Google under attack by regulators across the world!
The High Court has awarded two people damages (compensation) for breach of data protection law. Read more here.
News
High Court awards damages for distress under data protection law
The High Court has awarded two people damages (compensation) for breach of data protection law. Read more here.
News
Cyber crime will cost the world €5.5 trillion by the end of 2020 says report
Cyber crime will cost the world €5.5 trillion by the end of 2020. Read more here.
News
Government’s test and trace scheme is unlawful
The Department of Health and Social Care (DHSC) has conceded the initiative to trace contacts of people infected with Covid-19 was launched without carrying out a Data Protection Impact Assessment (DPIA) – an assessment of its impact on privacy. Read more here.
News
Polish Data Protection Authority reaffirms personal data rules when recruiting
The Polish Data Protection Authority issues statement reaffirming rules when obtaining personal data for recruitment purposes. Read more here.
News
Italian data protection authority issue further fines
The Italian Data Protection Authority (‘Garante’) has issued three fines in quick succession. Find out why here.
News
ICO fines business for email marketing errors
The ICO has fined Decision Technologies Limited (DTL) £90,000 for email marketing errors. Read more here.
News
Record Subject Access Request fine
The Dutch Data Protection Authority (DPA) has fined an organisation, BKR, €830,000 for charging fees and discouraging individuals who wanted to access their personal data. Read more here.
News
Sending data to the USA just became a lot more difficult!
On 16th July, the Court of Justice of the European Unions made a decision that will have far-reaching implications for all organisations that send personal data outside the EU. Read more here.
News
Italian data protection authority issues €600,000 fine
The Italian Data Protection Authority (‘Garante’) has fined a financial institution €600,000. Find out why here.
News
The European Commission publishes GDPR report
On 24 June, the European Commission published its evaluation report of the GDPR. Click here to find out more.
News
The DPC issues €75,000 fine
The DPC (the Irish equivalent of the ICO) has fined ‘Tusla’, Ireland’s child and family agency, €75,000. Read more here.
News
Google to automatically delete some of the data it collects about users
Web and app activity, including a log of website searches and pages visited, as well as location data, will now be wiped after 18 months. Read more here.
News
Online advertising, mobile phones and privacy
Apple has just announced that when iOS 14 is launch it will require advertisers (and others, such as app developers) who want access a user’s IDFA (‘ID For Advertisers’) to obtain opt-in consent. Read more here.
News
Google loses appeal against €50m GDPR fine
Google loses it’s appeal against a €50m GDPR fine. Read why here.
News
ICO guidance to businesses collecting personal data for contact tracing
The ICO has issued guidance to businesses collection personal data for contact tracing. Read that guidance here.
News
Consumers lose patience with companies that risk data
A new study reveals consumers lose patience with companies that risk data through ransomware attacks.
News
The Age Appropriate Design Code
A new code to protect children using the internet goes before parliament.
News
Get ready for the ICO’s new Direct Marketing Code of Practice
Read what Norm’s Director of Legal Services has to say on the updated guidance.
News
ThinkMarble becomes norm.
LONDON, DECEMBER 10th 2019
ThinkMarble Limited has rebranded as ‘norm’ – offering ‘reassuringly dull Cyber Security’ in a move to demystify the market.
News
One YMCA appoints norm.
LONDON, DECEMBER 10th 2019
Following a rigorous evaluation process One YMCA has selected norm’s specialist Data Protection as a Service solution.
News
The House of Garrard appoints norm.
LONDON, DECEMBER 10th 2019
NormCyber Limited has been appointed specialist Data Protection as a Service (DPaaS) provider to the iconic jewellers Garrard & Co.
News
David Perez appointed as new CEO
Thursday 10th October 2019 ThinkMarble Limited is pleased to announce that it is making a leadership change to underpin its exciting growth plans. David Perez has joined the UK based Cyber-Security-as-a-Service (CSaaS) business as CEO and replaces Andy Miles who is the Founder and now former CEO of the business. Andy will remain heavily involved…
News
James Hambro & Partners appoints ThinkMarble
LONDON, SEPTEMBER 19th 2019
James Hambro & Partners has adopted ThinkMarble’s specialist virtual Data Protection Officer (vDPO) service.
News
ThinkMarble service available on G-Cloud 11
LONDON, JULY 2nd 2019
ThinkMarble, the world-class, component-level, end-to-end, Cyber Security Operator, today announced its services are now available to public-sector bodies via the latest Crown Commercial Service (CCS) framework, G-Cloud 11.
News
2018 SME Industry Champion at the NCSC CyberFirst Awards
LONDON, MAY 9th 2019
Find out more about ThinkMarble’s prestigious award win at the UK government’s flagship cyber-security event.
News
Wright joins ThinkMarble in new Operations role
LONDON, UK – Monday 21st January 2019Think Marble is pleased to announce that, as part of its growth strategy, it has appointed Demyon Wright to the new role of Operations Director within the business. Demyon joins ThinkMarble with nearly 15 years of experience as a Head of Service Management in the industry and an impressive…