Slashdot Mirror

← Back to Domains

Domain: ico.gov.uk

Stories and comments across the archive that link to ico.gov.uk.

Stories · 7

  1. Sony Fined In UK For PlayStation Network Hack

    Games · Business · · posted by timothy · from the that's-barely-a-bonus-for-ceos dept. · 86 comments
    Sockatume writes "The UK's information protection authority, the ICO, has fined Sony for failing to adequately secure the information of PlayStation Network users. The investigation was triggered by a 2011 security breach, during which personally identifying information (including password hashes) was recovered from a Sony database where it had been stored without encryption. In the ICO's view Sony's security measures were inadequate, and the attack could have been prevented. The £250,000 (ca. $400,000) fine, the largest the ICO has ever imposed, is equivalent to a few pennies per affected user. Sony disagrees with the ICO's decision and intends to appeal."

  2. Google Didn't Delete All Street View Wi-Fi Data

    Tech · Google_Fb · · posted by Soulskill · from the don't-trust-the-recycle-bin dept. · 150 comments
    nk497 writes "Google is in more trouble over the Street View Wi-Fi data slurping incident. Two years ago Google admitted it had collected snippets of personal data while sniffing for Wi-Fi connections. The UK's data watchdog, the ICO, didn't fine Google, but did demand it delete the collected data. Following the FCC's investigation, the ICO double-checked with Google that the data was deleted, receiving confirmation that it had. Except... it hadn't all been deleted, Google has now admitted. That breaches the deal between the ICO and Google, and the watchdog has said it's in talks with other regulators about what to do next."

  3. Study Finds 1 in 10 Used Hard Drives Contains Old Personal Data

    Yro · Government · · posted by samzenpus · from the sharing-secrets dept. · 111 comments
    Lucas123 writes "A newly published study by Britain's data protection regulatory agency found that more than one in 10 second-hand hard drives being sold online contain recoverable personal information from the original owner. "Many people will presume that pressing the delete button on a computer file means that it is gone forever. However this information can easily be recovered," Britain's Information Commissioner, Christopher Graham, said in a statement. In all, the research found 34,000 files containing personal or corporate information were recovered from the devices. Along with the study, a survey revealed that 65% of people hand down their old PC, laptop and cell phones to others. One in ten of those people who disposed of their old devices, left all their data on them. The British government also offered new guidelines for ensuring devices are properly wiped of data."

  4. UK University Researchers Must Make Data Available

    Yro · Government · · posted by timothy · from the time-to-pay-the-public-piper dept. · 352 comments
    Sara Chan writes "In a landmark ruling, the UK's Information Commissioner's Office has decided that researchers at a university must make all their data available to the public. The decision follows from a three-year battle by mathematician Douglas J. Keenan, who wants the data to do his own analysis on it. The university researchers have had the data for many years, and have published several papers using the data, but had refused to make the data available. The data in this case pertains to global warming, but the decision is believed to apply to any field: scientists at universities, which are all public in the UK, can now not claim data from publicly-funded research as their private property." There's more at the BBC, at Nature Climate Feedback, and at Keenan's site.

  5. T-Mobile UK Employees Sold Customers' Information

    Yro · Communications · · posted by kdawson · from the gone-rogue dept. · 65 comments
    angry tapir writes "Workers at T-Mobile UK have been selling customer data to brokers who worked for the competition, according to T-Mobile and the UK's Information Commissioner's Office. Criminal charges are being prepared. 'Many thousands' of customers' account details, millions of records, were sold to several brokers for substantial amounts of money, the ICO said. In an announcement (PDF) from the ICO, the agency does not name the operator involved, but T-Mobile acknowledged that it had alerted ICO about the data breach. The BBC reports that after the other mobile operators said they were not the subject of the investigation, T-Mobile confirmed its involvement."

  6. Covert CCTV Monitoring in the Workplace?

    · posted by ryuzaki0 · from the sign-o'-the-times dept. · 109 comments
    An Inquiring Mind asks: "A good friend's employer has recently installed a CCTV system in the office she works at. This is not unusual in itself, but there is no notice that CCTV is in use, and no company policy regarding CCTV use in employee monitoring, data retention, or anything else. My understanding is that CCTV use in the UK is covered by the DPA (Data Protection Act) if: it is used to gather information about an individual; is monitored remotely; or is given to people other than law enforcement bodies (this from a CCTV/PDA document [pdf], from the website of the Information Commissioner's Office). If it does fall under the remit of the DPA, then they would need at least signage, and a policy for the retention of the data. Given that this camera would likely fall foul of the DPA, that challenging the employer would be career suicide (due to internal politics), and that she has nothing to hide -- what do other Slashdot readers think should be the next step for my friend: principled but suicidal stand, or quiet annoyance?" Much of what is allowed depends on the law of the land in your area. Depending on what the laws do and do not allow, how would you safely approach your employers to air your concerns on this subject?

  7. Covert CCTV Monitoring in the Workplace?

    · posted by ryuzaki0 · from the sign-o'-the-times dept. · 109 comments
    An Inquiring Mind asks: "A good friend's employer has recently installed a CCTV system in the office she works at. This is not unusual in itself, but there is no notice that CCTV is in use, and no company policy regarding CCTV use in employee monitoring, data retention, or anything else. My understanding is that CCTV use in the UK is covered by the DPA (Data Protection Act) if: it is used to gather information about an individual; is monitored remotely; or is given to people other than law enforcement bodies (this from a CCTV/PDA document [pdf], from the website of the Information Commissioner's Office). If it does fall under the remit of the DPA, then they would need at least signage, and a policy for the retention of the data. Given that this camera would likely fall foul of the DPA, that challenging the employer would be career suicide (due to internal politics), and that she has nothing to hide -- what do other Slashdot readers think should be the next step for my friend: principled but suicidal stand, or quiet annoyance?" Much of what is allowed depends on the law of the land in your area. Depending on what the laws do and do not allow, how would you safely approach your employers to air your concerns on this subject?