Data Protection Round Up - January 19, 2016

This the first of our monthly Data Protection round ups covering topics for the start of 2016.

Data Protection Regulation Workshops

Following approval by the EU institutions in tripartite negotiations in December, we are awaiting agreement of the final text of the General Data Protection Regulation, expected in the coming months. We are planning to run a series of workshops on the Regulation in the course of 2016. If you would be interested in attending, please contact us.

Telegraph fined for Election Day email campaign

In the first action of its kind taken against a newspaper, the ICO has fined Telegraph Media Group GBP 30,000 for urging its online subscribers to vote Conservative in the 2015 General Election, in breach of direct marketing rules. It announced last month that the paper had fallen foul of regulations by including a letter from Editor Chris Evans within a daily news bulletin service on 7 May 2015.

Under the Privacy and Electronic Communications (EC Directive) Regulations 2003, a recipient of direct marketing emails or SMS messages is automatically deemed to have opted out of receiving such marketing messages. The Regulations, which sit alongside the Data Protection Act 1998, require direct marketers to obtain an individual's consent to being contacted for the purpose of marketing.

In the case of the Telegraph, the ICO decided that the editor's unsolicited e-mail campaign constituted direct marketing which subscribers had not consented to receive along with their usual service. While the editorial content of newspapers may often display political bias, the ICO said in its press release, the letter from Mr Evans had "crossed a line".

Privacy campaigner Tim Turner, writing on his 2040 Information Law blog, said the fine was evidence that the ICO was "losing its appetite for DP enforcement". He pointed to another recent case in which the ICO issued a fine of £250 to patient support group the Bloomsbury Patient Network after it disclosed the identities of HIV patients through an email error. It comes as the EU begins the process of finalising the new General Data Protection Regulation, which paves the way for maximum civil monetary penalties (CMPs) of up to £15 million or 4% of global turnover.

ICO's warning to EU Referendum campaign groups

As the UK gears up to hold a vote on its continued membership of the EU perhaps as early as June, would-be campaign groups have been warned they must comply with the Privacy and Electronic...