Windows 7 – And now it starts !
Hackers are already exploiting the withdrawal of support for Win 7. A vulnerability exposed with Internet Explorer is rated critical for versions found on Win7. Researchers believe the Chinese hacking group known as ‘Dark Hotel’ exposed the flaw and are behind a number of targeted attacks which have been reported.
Microsoft in response have issued a patch for all supported versions of IE; but those still using Win 7 will be left exposed.
If you are still using Win 7 then see our New Year 2020 blog for recommendations. W
BREXIT – What happens now ?
A period of transition now follows the country’s departure from the EU, during which agreement now has to be reached on whether UK business will be subject to additional requirements for receiving data from EU based organisations or consumers.
During the transition period, which is set to complete at the end of 2020; there will be no changes to current requirements.
Following transition the UK will no longer be subject to GDPR; however technical amendments which have been made to GDPR which provide for a UK only context, are to be adopted into UK law (UK GDPR) and will sit alongside the Data Protection Act.
Any business operating in the EU or providing goods or services into the EU, will still be subject to the EU GDPR and there is a possibility that they may be required to have a representative within the EU. Equally EU member states may enact legislation requiring additional safeguards by UK business receiving data from organisations within that state; therefore liaison with EU business contacts over this period would be advisable.
The current advice and guidance from the ICO remains by default as for a ‘No Deal’ scenario. It is early days, clearly all things could change – so watch this space !!
The latest guidance can be found on the link below.
ICO releases draft ‘Direct Marketing’ code of practice
A proposed draft ‘Direct Marketing’ code has been released for public consultation by the ICO, with consultations closing on 4th March 2020.
The code builds on previous guidance offered since the implementation of GDPR and the need to further protect individuals rights for privacy. In the spirit of GDPR the code does appear to be very focused on marketing utilising personal data of private individuals (consumers), as opposed to personal data obtained in the context of a business contact. Follow link for copy of the draft code:
In respect to private individuals / consumers ‘Consent’ is a key basis for lawful E -marketing to them and in keeping with this code; business should ensure that there is clear evidence that consent has been given by the individual and that they were clearly informed of the intended use of their data at that point. Consent cannot not be gained as a mandatory requirement of the individual obtaining the desired goods or services being offered.
The code gives less clarity around E marketing to individuals on a business to business basis, however the use of ‘Legitimate Interest’ is an option when appropriately applied.
In both situations a critical feature of compliance, is the ability of individuals to remove their consent and/or unsubscribe from receiving your marketing. These requests must be dealt with efficiently and marketing lists maintained accurately.
The code in respect to E Marketing links into the Privacy in Electronic Communications Regs 2003, which in return make reference to a useful document called the ‘Direct Marketing Checklist’. The checklist can help in determining appropriate marketing activities. The Checklist can be found on link below.
Please get in touch with us, if you need support with any of the topics covered above:
Thank you for reading !