norm. data protection bulletin: 6th October 2023

Norm data protection bulletin

DCMS Committee recommendations on monitoring employees

The Culture, Media and Sport Committee has published a report ‘Connected tech: smart or sinister?’.  Among its recommendations are that monitoring of employees should only be done in consultation with employees and with their consent.  The report calls on the ICO to develop its draft guidance on monitoring at work into a principles-based code for designers and operators of workplace connected technology. 

If these recommendations are accepted by the ICO, the monitoring of employees will become much more challenging.

Three-fold increase in self-reported cyber-related personal data breaches to the ICO by financial services organisations

Figures obtained in a Freedom of Information Act (FOIA) disclosure by the ICO have revealed a notable three-fold increase over the last year in self-reported cyber-related personal data breaches to the ICO by financial services organisations. In total, nearly a thousand cyber security breaches affecting personal data have been reported in the last two years. 731 breaches were reported between June 2022 and June 2023 – a significant increase from the 261 cases reported between June 2021 and June 2022.

UK/U.S. Data Bridge agreed

The Data Bridge is the UK Extension to the EU-US Data Privacy Framework and is due to take effect on 12 October 2023. From that date organisations in the UK will be able to export personal data to some US organisations without the need for additional transfer tools.

Get norm.’s data protection bulletin direct to your inbox

norm. tracks and monitors the latest data protection developments and collates these into a monthly data protection bulletin.

You can receive this bulletin for free, every month, by entering your business email address below: