SAI Global GRC Community

Building Organizational Integrity.
Blogs >> Privacy and Data Protection

The United Kingdom Information Commissioner's Office (ICO) has made available an enforcement notice (27 August 2014) served under the Data Protection Act 1998 c. 29 (UK) to Winchester and Deakin Ltd (trading as Rapid Legal and Scarlet Reclaim) after the direct marketing company was found to have made unsolicited marketing calls to people who had:

The United Kingdom Information Commissioner's Office (ICO) has announced that Racing Post has signed an undertaking (undated) to improve its electronic data security practices following the compromise of 677,335 accounts during a data breach in October 2013.

The United Kingdom Information Commissioner's Office (ICO) has announced that a bank employee responsible for investigating money laundering allegations has been fined after admitting to having read his colleagues' bank accounts.

Guidance on Responding to a Data Breach

27 Aug 2014
Written by World Watch

The Office of the Australian Information Commissioner (OAIC) has made available Data breach notification guide: A guide to handling personal information security breaches (August 2014), which "provides general guidance for agencies and organisations when responding to a data breach involving personal information that they hold".

The United Kingdom Information Commissioner's Office (ICO) has announced that Thamesview Estate Agents (Thamesview) has signed an Undertaking (undated) after one of the company's outlets continued to dispose of papers containing customer personal information in transparent bags that were left on the street. According to ICO head of enforcement Stephen Eckersley, the information on the papers was clearly visible and included passport copies and previous tax payment details.

Published in Records Management

The American Bar Association (ABA) has made available the biographies (undated) of the panellists at its recent event The Evolution of Cybersecurity and Planning for Response, hosted by the association's cybersecurity legal task force.

France's data protection authority the Commission nationale de l'informatique et des libertés (CNIL) has announced that it has ceased its monitoring of SAS Hypercosmos, since the shopping centre operator has fully complied with a CNIL request to end the excessive use of video surveillance and biometrics.

The United Kingdom Information Commissioner's Office (ICO) has fined (21 July 2014) online travel services provider Think W3 £150,000 after a "serious breach" of the Data Protection Act 1998 c. 29 (UK) that "revealed thousands of people's details to a malicious hacker".

The United States Securities and Exchange Commission (SEC) has ordered (25 July 2014) alternative trading system (ATS) operator and Citigroup unit LavaFlow to pay a total of US$5 million to settle charges that it "fail[ed] to protect the confidential trading data of its subscribers".

Google Served a Warrant in Money Laundering Probe

23 Jul 2014
Written by World Watch

The United States District Court for the Southern District of New York has made available US Magistrate Judge Gabriel Gorenstein's Memorandum Opinion (18 July 2014) in the matter of an application seeking a warrant to obtain emails from a Google-hosted "Gmail" webmail account. The application also sought to permit a search of those emails as part of an investigation into possible money laundering-related and similar offences.

Published in Anti-Money Laundering
Page 1 of 30

© 2015 SAI Global Limited ABN 67 050 611 642




User Registration
or Cancel