ICO issues new guidance on video surveillance systems, ICO issues fines for nuisance marketing texts and more in this week’s round-up of UK and EU techlaw news developments not covered elsewhere on the SCL website.
ICO issues new guidance on video surveillance systems
The ICO has developed guidance about video surveillance systems to help organisations in the public and private sector, who use video surveillance systems to collect and process personal data. It aims to help organisations comply with the legal requirements of the UK GDPR and the Data Protection Act 2018. It will also be relevant to law enforcement authorities that are using video surveillance separately for any purposes under the UK GDPR. It covers the processing of personal data by video surveillance systems by public and private sector organisations. Surveillance systems specifically include, but are not limited to traditional CCTV, Automatic Number Plate Recognition, body worn video, drones, facial recognition technology, dashcams and smart doorbell cameras.
ICO issues fines for nuisance marketing texts
The ICO has fined and issued an enforcement notice to Money Hive Limited, a pay day loan company. The company sent over 700,000 nuisance marketing texts advertising short-term, high-interest loans. The Money Hive Limited believed that customers had given consent to receive marketing. However, to progress their loan application, customers had no choice but to agree to marketing. This did not count as valid consent. The Money Hive Limited were fined £50,000. The ICO also fined Tempcover Ltd, a short-term motor insurance company, £85,000 for sending almost 30 million unsolicited marketing email and text messages to customers without consent or being able to rely on the soft opt-in exemption. Tempcover Ltd sent the messages to people who had signed up to receive a quote via their website. They failed to provide customers with an opportunity to opt-out of receiving marketing, and essentially made agreement to marketing a condition of service. Customers were also automatically opted in to receiving marketing via texts and emails, without being given a choice. By not giving customers a way of refusing marketing when they gave their details, Tempcover Ltd could also not rely on the soft opt-in exemption for direct marketing.
CNIL publishes a new White paper on payment data and means of payment
The White paper is intended for the general public, to provide a better understanding of the privacy issues relating to data and means of payment; professionals: for developments regarding the CNIL's key concerns in this area, as well as the priorities it foresees in terms of support. It addresses a wide range of issues: from the variety of players with new competitive dynamics, to the international circulation of payment data - a sovereignty issue for Europe - via the question of anonymity and the use of cash, the new risks arising from the increasing digitalisation of payment operations, the use of "crypto-currencies", the practical application of the main principles of GDPR in the field of payments, etc.
Irish Data Protection Commission publishes 2021 Annual Report
The Irish Data Protection Commission has published its Annual Report for 2021. It says that 2021 was characterised by significant momentum gain. Leveraging its experiences of the GDPR’s first three full years of implementation,2021 saw the DPC resolving thousands of complaints; processing thousands more data breach notifications; imposing fines and corrective measures following detailed decisions; auditing Irish political parties; settling its enforcement action in relation to certain processing elements of the Public Services Card on terms protective of the data rights of citizens generally; assessing Binding Corporate Rules applications; contributing to the European Data Protection Board; progressing largescale investigations; publishing comprehensive final guidance on protecting children’s data; and guiding and overseeing organisations and sectors in the practical application of the GDPR on an ongoing basis.