
Tom Morrison returns with a review of the world of information law
It has been a busy year for the Information Commissioner’s Office (ICO), but some significant changes are afoot which makes it unlikely that 2016 will be any quieter.
We started the year with the usual glut of information law-related news including a flurry of enforcement action. This time it was high street shoe retailer Office in the spotlight, having had to enter into an undertaking with the ICO following a hack of Office’s systems which exposed the personal data of over one million of its customers. Contact details and website passwords were held in an unencrypted database on servers which were due to be decommissioned. For businesses this highlights not only the well rehearsed concerns around data security but also the fact that holding onto information for longer than is needed automatically increases risk. For individuals, it is a timely reminder to make sure that you do not use the same password for multiple services otherwise when one is hacked all become vulnerable.
Sadly breaches such as this are increasingly commonplace, with TalkTalk