

Discover more from DPOInsider
The DPOInsider covers the latest news and developments in data compliance and privacy. The DPO's favourite weekly read ☕️
ICO gives Interserve £4.4 million for failure to secure employee data
I’ve talked about employee data before in this newsletter. With data privacy, the go to approach is often to focus on customer data.
But employee data is just as important, and it’s often overlooked. Whether this is due to it sitting in a system that regularly goes unaudited, or DPOs are unaware of it’s existence.
Well the ICO has hit Interserve with a £4.4m fine following an investigation into an attack on their systems.
The attack affected over 100k of the company’s employees, a not insignificant amount.
The truth is that it seems from the report that Interserve was using an outdated system with less up-to-date protocols. This was combined with ineffective endpoint security and a severe lack of training on phishing.
So for any DPOs out there with a large internal workforce, there’s your checklist of where to focus, if you haven’t already.
The full report can be found here.
Biden signs an executive order for EU-US data privacy framework
It seems that we’re moving closer to a new replacement for Privacy Shield.
On October 7, 2022, President Biden signed an Executive Order (Order) on Enhancing Safeguards for United States Signals Intelligence Activities
The framework is meant to protect transatlantic data transfers after the Screms II ruling which declared privacy shield unfit for purpose.
The executive order means that the US is committed to upholding the data protections that EU personal data receives within the EU.
Some commitments in the order:
A new redress mechanism
Internal procedural requirements for the handling of personal data.
Safeguards around US intelligence activity
An update to the privacy principles
Both the UK and the Eu will now choose whether to approve the framework.
Other data privacy news
TikTok tells European users its staff in China get access to their data
The 2022 Midterm Elections Are Putting Data Privacy at Risk
Bed, Bath & Beyond confirms data breach following employee phishing attack
A data privacy primer with Google – everything you need to know
Post of the week
