Latest blog posts Join us on LinkedIn PwC UK YouTube channel Subscribe to our RSS feed Join us on Facebook Follow PwC on Twitter

20 July 2017

ICO publishes its first ever international strategy

By Samantha Sayer @SamSPrivacyGuru By Dennis Holmes On 4 July 2017, the UK Information Commissioner’s Office (ICO) published its first ever International Strategy for 2017-2021. The strategy is a clear indication by the ICO that it intends to continue to invest in the protection of individuals’ personal data globally. In...

18 July 2017

The House reports: Brexit & EU Data Protection Reform - so what for the UK?

By Stewart Room, witness before the House of Lords Committee Follow @StewartRoom The House of Lords EU Home Affairs Sub-Committee has published their report today on the EU Data Protection reform package and the implications of Brexit. The Committee is concerned that after Brexit, UK trade with Europe and the...

17 July 2017

GDPR controls frameworks - how do you know if they are any good?

By Stewart Room Follow @StewartRoom It might be surprising to know that despite a very long history of laws, regulations and operational practices - nearly 50 years in Europe - there is no consensus on what a good controls framework for Personal Data Protection actually looks like. This blog attempts...

10 July 2017

The ICO guidance on big data, AI and machine learning - what humans can learn

By James Witton Guidance on the interpretation on the provisions of the GDPR naturally shoots to the top of the privacy professional’s reading lists at the moment. As such, you could be forgiven for not absorbing the ICO’s 100+ page guide to big data, artificial intelligence (AI), machine learning and...

05 July 2017

Demystifying DPIAs

By Samantha Sayers and Kayleigh Clark @SamSPrivacyGuru To date, Privacy Impact Assessments (PIAs) have been widely recommended as a valuable, but not mandatory, tool to reduce privacy risks by a number of data protection authorities across Europe. However, the introduction of the EU General Data Protection Regulation (GDPR) from May...

15 June 2017

Brexit - will the UK deliver the GDPR and do we need an "adequacy decision"?

By Stewart Room Follow @StewartRoom Now that the General Election is done and we're through purdah, we can return to the issue of Brexit. A big question for data protection is will the GDPR apply in the UK after Brexit? The best answer, taking account of the political, economic, social...

14 June 2017

Applying GDPR to the legacy data environment and the processor engagement framework

By Stewart Room How to handle the "legacy data" environment is one of the big challenges of the GDPR. For the purposes of this blog "legacy data" means personal data that are processed before and after the GDPR comes into force. The key question is whether the law requires a...

08 June 2017

Is your organisation carrying out “rigorous checks” on third party suppliers?

By Tughan Thuraisingam Follow @TughanTT News of Information Commissioner’s Office (“ICO”) fines issued to companies for nuisance calls and messages seem as though they appear across our news feeds on a daily basis. In March alone ICO reported 196 cases under investigation with close to £600,000 of fines issued. In...

25 May 2017

PwC Privacy and Security Enforcement Tracker launches, marking the one year countdown to the GDPR

By Stewart Room Follow @StewartRoom Today PwC is publishing its 2016 Privacy and Security Enforcement Tracker, which reviews the regulatory enforcement cases in the UK and 20 other countries in 2016. This is our third annual Enforcement Tracker and if you are preparing for the GDPR, it will provide you...

18 April 2017

Technology’s role in data protection - the missing link in GDPR transformation

By Stewart Room and Peter Almond Follow @StewartRoom The introduction of the EU General Data Protection Regulation (GDPR) from May 2018 will deliver a fundamental change in how personal data must be handled. Instead of being an afterthought, protections for personal data will now have to be designed into the...