New Encryption guidance published by the ICO

The Information Commissioner has published some useful plain English guidance on Encryption and the GDPR.

The guidance sits alongside their GDPR Guidance and aims to help organisations understand the importance of encryption in the context of the GDPR’s integrity and confidentiality principle, and particularly Article 32 on security processing.

It does this through

a summary of current forms of encryption and the considerations you should have when putting it in place, along with outlining the residual risks
a series of scenarios, outlining how encryption can be used to safeguard processed data in that example and detailing some of the risks
recommendations that encryption be used when storing or transmitting personal data because it is now widely available and at a relatively low cost

As such it is a useful reminder of encryption basics and what organisations need to consider when considering its use.

Upcoming events

SCL Webinar – Competing Interests at the Competition Appeal Tribunal (CAT): Balancing Technology with Complexity

Controlling Liability in IT Contracts – Clause and Effect

SCL Summer Networking Event – Organised by the Trainee Group

SCL Event: Procurement of Government IT Projects

Generative AI and Deepfakes: Understanding the Illusion