In what appears to be “the most consequential data breach in history”, it has been reported that Cambridge Analytica, a data firm widely-credited with helping Trump win the US presidential campaign, harvested millions of Facebook profiles by and built a powerful software program to predict and influence votes.
It has been argued that Facebook found out about the breach but failed to inform users that their profile information may have been obtained and kept by Cambridge Analytica. Facebook then only took limited steps to recover and secure the private information.
Why is this important?
More recently, a huge onus has been placed on the protection of personal data globally. Whilst this currently seems to affect only US citizens, the introduction of the GDPR legislation coming into force in May 2018 places a huge focus on the rights of all EU individuals. Despite negotiations for Brexit, this still affects all UK businesses and with the deadline looming, it’s something we all need to be prepared for.
The new legislation says that all organisations must report certain types of personal data breach to the ICO within 72 hours. There are also various steps which must be taken in response to a personal breach including notifying affected individuals.
Preparing for a personal data breach
The ICO have prepared a checklist for use to ensure your business is prepared for any potential data breaches.
If you need any help in ensuring your business is ready for the GDPR deadline, please get in touch with one of our specialist team today.