Included in this edition of Data & Privacy News: Whistleblower reports to ICO increase by 175% since GDPR; ICO consultation on updated code of practice for data sharing; Science and Technology Committee expresses concern over facial recognition trials and more...


Whistleblower reports to ICO increase by 175% since GDPR

Research has shown that the number of data breach whistleblower reports to the ICO has increased by 175% since GDPR came into force in May 2018 as a result of people becoming more vigilant in the handling of personal data.

For the year ending May 2019, there was 379 whistleblower reports, compared to 138 the previous year.

The rise in reports may be a concern to businesses in light of the recent fines announced by the ICO.

ICO consultation on updated code of practice for data sharing

The ICO has opened a consultation on their updated draft code of practice for data sharing. 

The updated code provides information on changes to data protection legislation were relevant to data sharing and addresses aspects of the new legislation such as transparency, the new accountability principle and having lawful bases for sharing.

The consultation closes on the 9 September 2019.

Science and Technology Committee expresses concern over facial recognition trials

A report by the Parliamentary Science and Technology Committee has expressed concern over the Government's approach to biometrics and forensics, saying it poses a significant risk to the effective functioning of the criminal justice system. 

In the report, many respected, independent bodies highlighted that a lack of legislation on the use of automatic facial recognition had led to the legal basis of trials being called into question.

The Committee has reiterated its call to end automatic facial recognition technology trials until all the issues identified have been resolved. They have also recommended that the Home Office should apply for a legislative slot for a bill in the next parliamentary session rather than rely on backbench MPs to progress the legislation through Parliament. 

EDPB adopts Guidelines on video surveillance

The EDPB has adopted Guidelines on the processing of personal data through video devices in an aim to ensure the consistent application of the GDPR.

Both traditional and smart video devices are covered by the new Guidelines, though the focus is mainly on rules concerning the processing of special categories of data for smart video devices. 

The Guidelines, which will be subject to consultation, also cover the lawfulness of processing, the disclosure of footage to third parties and the applicability of the household exemption.

Key contacts

Ross McKenzie

Ross McKenzie

Partner, Commercial Services
Aberdeen, UK

View profile
Helena Brown

Helena Brown

Partner, Head of Data
Edinburgh, UK

View profile