information commissioners office
Latest
Facebook agrees to pay the UK £500K for the Cambridge Analytica scandal
Facebook may be looking ahead to the 2020 election, but it's still sweeping up debris from 2016. Today, Facebook agreed to pay the UK's Information Commissioner's Office (ICO) £500,000 (about $644,000) for its role in the Cambridge Analytica scandal. As part of the deal, Facebook will not admit to any wrongdoing.
Sony drops appeal for ICO-issued 2011 data loss fine
Sony dropped its appeal and will therefore have to pay a £250,000 fine issued by the UK Information Commissioner's Office related to a massive data breach on PSN in April 2011. ICO issued the fine in January 2013, calling the hack a "serious breach of the Data Protection Act." "After careful consideration we are withdrawing our appeal. This decision reflects our commitment to protect the confidentiality of our network security from disclosures in the course of the proceeding," a Sony representative told V3. "We continue to disagree with the decision on the merits."
Sony may be hit with £500K fine over PSN data loss
The UK's Information Commissioner's Office (ICO), a non-departmental public body, has contacted Sony to determine where PlayStation Network data is stored -- not in an effort to locate the hackers who reportedly grabbed it, but to determine whether any of it is being stored in the UK. If PSN user data is stored in the UK, then it is subject to the Data Protection Act, which requires companies that hold personal data to provide adequate security for it. Notably, the law would trump Sony's PSN Terms and Conditions, which includes the line: "We exclude all liability for loss of data or unauthorised access to your data, Sony Online Network account or Sony Online Network wallet and for damage caused to your software or hardware as a result of using or accessing Sony Online Network." "If we found a breach," an ICO rep told Edge, "one of the actions we could take would be to issue an undertaking, which is an agreement between the ICO and the company that if they are handling personal information they have to bring about set improvements in order for them to be compliant with the act." If the company fails to comply, the rep added, "further action would be taken, and we might consider an enforcement notice or issue a monetary penalty." For a serious breach, the fine can reach £500,000 (more than $800,000). Admittedly, that wouldn't be a huge payout for Sony, but considering the other costs of the security breach and PSN outage the company stands to incur, it would probably sting a little.
