Category Data Protection

ICO fines 4 firms for nuisance calls and spam texts

The ICO has fined four firms a total of £600,000: Barrington Claims Limited had made over 15 million automated calls about PPI; Newday Limited used other firms to send 44.7 million spam emails to promote its financial products to people who had subscribed to websites the other firms operated; Goody Market UK Limited, operator of […]

FCA publishes distributed ledger technology feedback statement

Following the publication of its discussion paper regarding the risks and opportunities, and characteristics of distributed ledger technology (DLT) in April 2017, the FCA’s feedback statement FS17/4 sets out responses received and the FCA’s next steps. The responses related to the following issues: operational risk, including outsourcing and network security; digital currency, including digital currency […]

LMA publishes London Market Core Uses Information Notice in light of GDPR

The Lloyd’s Market Association (LMA), along with the International Underwriting Association of London, the London & International Insurance Brokers’ Association and the British Insurance Brokers’ Association, has published a London Insurance Market Core Uses Information Notice, which takes into account GDPR requirements. The Notice has been designed to assist a market participant and to help data […]

ENISA publishes recommendations on cyber insurance

The European Union Agency for Network and Information Security (ENISA) has published a report on the commonality of risk assessment language in cyber insurance. ENISA comments on the growth of the cyber insurance market and its anticipated further expansion as a result of the General Data Protection Regulation and the Directive on Network and Information […]

ICO launches new advice service to help small organisations with GDPR preparations

The Information Commissioner’s Office (ICO) has launched an advice line in order to help small organisations prepare for compliance with the EU General Data Protection Regulation (GDPR),  which is due to come into force in May 2018. The phone service is aimed at people running small businesses or charities and recognises the particular problems they face […]

FCA report – lessons learned from its regulatory sandbox

On 20 October 2017, the FCA published a report on lessons learned from its regulatory sandbox. As a reminder, the regulatory sandbox allows firms to test innovative products, services and business models in a live market environment, while ensuring that appropriate safeguards are in place. The report contains the FCA’s reflections on how the sandbox […]

EBA: Overview of PSD2 national transposition projects and new reports

The EBA recently published a table which includes key questions around the Payment Services Directive 2 (PSD2) transposition activities and dates of the different EEA countries. In addition, the EBA has announced the release of two new publications in its ongoing series of working group papers, dealing with PSD2 and distributed ledger technology (DLT) driven opportunities for new […]

ABI comments on the impact of the GDPR on innovation in insurance

On 12 October 2017, the Association of British Insurers (ABI) published a blog on the impact of the GDPR on innovation in insurance. The ABI discusses a recent study on “Harnessing Innovation in European Insurance” undertaken by an independent research company, PAC, and BAE Systems. The study reports that “only one third of European insurers believe themselves to […]

EIOPA speaks on future disruption to the insurance industry

Dr. Manuela Zweimüller, Head of Policy Department at EIOPA, has delivered a speech on what will the future hold? The European insurance industry in times of major disruption. The speech highlights challenges in respect of InsurTech, Brexit and Regulatory stability. EIOPA considers that the insurance industry needs to reinvent itself in respect of InsurTech and […]

ICO fines bank for spam marketing

The ICO has fined Vanquis Bank £75,000 for sending 870,000 texts and 620,000 emails promoting its credit cards to recipients who had not consented to receive them. It had used marketing lists from other organisations and relied on indirect consent rather than checking the right levels of consent had been obtained. ICO found the consent […]