The Ukraine crisis and the heightened risk of cyberattacks

In these dark days of war in Eastern Europe, it is sad to say that the risk of cyberattacks is heightened. It is important to remain vigilant and to ensure all necessary proactive steps are taken to protect data, including:Revisit your risk profile and, if you are a processor holding personal data for other organisations, [...]

By |2022-05-06T10:20:31+01:0025th February, 2022|Cybersecurity, International, News, ThoughtLeadership|

Diversity and privacy go hand in hand

February marked both Black History Month in the US and LGBT+ History Month in the UK. For us at HewardMills, these are important celebrations. The origins of Black History Month in the US date back to 1926 when Carter D. Woodson and the Association for the Study of African American Life and History launched “Negro [...]

By |2022-03-07T08:55:29+00:0011th February, 2022|Diversity by design, International, ThoughtLeadership|

Data Protection Day

Recent decisions by the French Data Protection Authority (DPA), the CNIL and the Austrian DPA, the Datenschutzbehörde (or DSB), have thrown tracking activities into sharp focus.  CNIL Cookie Decisions   On 6 January, the CNIL found that on both Google and Facebook’s websites it was harder to reject cookies than to accept them and fined [...]

By |2022-01-28T10:42:15+00:0019th January, 2022|DPO, International, News|

China’s Personal Information Protection Law Generates High Demand for DPO Services

According to the Financial Times, demand for data protection officers (DPOs) has skyrocketed since the coming into force of the Personal Information Protection Law (PIPL) in China on 1 November 2021. The PIPL is China’s first comprehensive data protection legislation and is based on the constitution. The law is designed to “protect personal information rights [...]

By |2022-01-28T10:42:24+00:0012th November, 2021|DPO, Governments, International, News|

Africa focus – Kenya’s Data Protection Act 

Since the passage of the EU’s General Data Protection Regulation (GDPR) in 2018, many countries are striving to be GDPR-compliant, and Kenya is no exception. As one of the growing fintech hot spots in Africa, the rapid advancement of technology in Kenya has been turning heads in data protection. It was recently reported that fintech innovations in Kenya immensely contributed to the sharp rise in the accessibility to basic [...]

By |2021-10-06T16:34:45+01:006th October, 2021|DPO, Governments, International|

HewardMills develops Transfer Impact Assessment template

Introduction On 4 June 2021, the European Commission adopted new Standard Contractual Clauses (EU SCCs) for the transfer of personal data from the European Economic Area (EEA) to third countries that are not deemed “adequate” by the European Commission. On 11 August 2021, the UK Information Commissioner's Office (ICO) published draft UK SCCs, formerly known as the International Data Transfer Agreement (IDTA), for UK companies to use [...]

By |2021-09-03T16:14:20+01:002nd September, 2021|DPO, International, ThoughtLeadership|

Brazilian consumer protection authority fines several banks for personal data misuse

Even before the Brazilian data protection law enforcement provisions come into force on 1 August 2021, the Brazilian Justice Minister, by way of the consumer protection authority Senacon, has issued significant fines to five large banks (Itaú, Safra, Cetelem, BMG and Pan) with a presence in Brazil for the misuse of consumer personal data. [...]

By |2022-01-28T10:42:47+00:0028th July, 2021|DPO, International, News|

Works councils and data privacy rights

​The Covid-19 pandemic saw the rise of remote working. In light of this, an increasing number of organisations are also seeking to adopt monitoring tools in order to observe the productivity of employees. Under Article 4 of the General Data Protection Regulation (GPDR), behavioural characteristics of an individual constitutes as personal data. Therefore, the GDPR [...]

By |2021-07-13T17:41:18+01:008th July, 2021|DPO, International, News, ThoughtLeadership|

Schrems II decision – sanctions and enforcement

It has been almost a year since the Court of Justice of the European Union (CJEU) issued its well-known Schrems II decision which invalidated the Privacy Shield for data transfers between the EU and US. The Court established that if Standard Contractual Clauses (SCCs) are used instead, the sending party must examine privacy laws [...]

By |2021-07-13T17:40:37+01:002nd July, 2021|DPO, Governments, International, News|

France and Germany crack down on cookie compliance

France Following the publication of the cookie guidelines and recommendations, the French Data Protection Authority (DPA), the CNIL, has issued 20 organisations with formal notices giving them a month to comply with cookie laws. These include international digital players and public bodies. If they fail to comply by the deadline, they face fines of up to 2% of their turnover. [...]

By |2021-06-02T10:38:02+01:0028th May, 2021|DPO, Governments, International, News|
Go to Top