MoD Gets Fined £350,000 by the ICO

February 29, 2024

by Olena Nechyporuk

The Ministry of Defence (MoD) Gets Fined £350,000 by the ICO for infringing on the GDPR Principle of ‘Integrity and Confidentiality’.

The MOD sent emails inadvertently using the “To” field rather than the “Bcc” field. 265 unique email addresses were disclosed in breach of GDPR Article 5(1)(f). The MOD were fined £350,000.

security

Under the U.K. GDPR, organisations must implement appropriate technical and organisational measures in place to protect data, thus preventing data breaches. However, the MoD failed to demonstrate this when email messages were sent to multiple recipients with all email addresses exposed. The ICO has said they should have used bulk email services, mail merge, or secure data transfer services when sending any sensitive personal information electronically.

Read more

Data-Privacy-Training-image

AllNet Law | IAPP Certification Programme
CIPP/E, CIPT and CIPM.

RECENT POSTS

Privacy In Focus | July
Privacy In Focus | June
Privacy In Focus | May
Safeguarding Web 3: The Imperative for Data Security in the Blockchain Era
Privacy In Focus | April

CATEGORIES

AI
Biometric Data
CJEU
COVID
Cross-Border Data Transfer
Crypto
Data Breach
Data Governance
Data Protection
Data Sharing
EDPS
EU
Enforcement Action
GDPR Infringement
GDPR Principles
IAPP Resources
ICO
Law
Marketing
NYOB
News
PECR
Privacy Jargon Buster
SCC
Safeguard
Social Media
UK GDPR
US Laws
Web 3
ePrivacy Directive
ABOUT US

TRAINING, CONSULTANCY & AUDITING

Internet Law Specialists: Providing training and consultancy services on the Internet and related laws.

Company Registration:
England & Wales: 12054338
VAT Registration: 357653860

© AllNet Law 2024
WHAT WE DO
Outsourced DPO ServicesData Protection TrainingCIPPE TrainingCIPM TrainingCIPT TrainingGDPR-TrainingC-DPO Training
GENERAL
Terms and ConditionsCookies & Privacy NoticeContact Us
Phone Icon033011 38846
email iconinfo@allnetlaw.com
twitterlinkedin
CIPD Member LogoIapp Image