|Online consent scam outlawed in fight over personal data
|Automatically ticked consent boxes that allow companies to harvest and exploit valuable personal information are to be banned in an overhaul of consumer protection laws for internet users.
DNA profiles and browsing histories are also to be included in a new definition of personal data, with companies facing criminal prosecution if they fail to protect users’ identities, report Francis Elliott and Mark Bridge.
Ministers will today spell out the details of a Data Protection Bill to be introduced in the Commons next month. It will include the right of adults to request the deletion of social media content they posted as children.
While that measure was expected, ministers will say that they intend also to expand the definition of personal data to include IP addresses and cookies. Matthew Hancock, digital policy minister, said that the bill would contain the most robust, yet dynamic, data laws in the world. “It will give people more control over their data, require more consent for its use and prepare Britain for Brexit,” he added.
Experts said that it could have far-reaching effects on companies that trade in anonymised data harvested online. Some offer cheap genetic tests for genealogy and then sell the information to medical researchers.
Audit Compliance Ltd are now resellers of The Compliance Office which is an online database customised to allow for user friendly recording, reporting and automated email chasing in the context of risk, CPD’s and compliance logs maintained by Solicitors’ firms;
The Compliance Office allows users to keep a record and monitor specific events in the context of regulatory risk including:
- SRA rule breaches;
- CPD activity;
- file reviews;
- negligence claims;
- high-risk cases;
- key dates (e.g. limitation dates)
- gifts and events;
The CPD functionality includes tools which help solicitors comply with the Solicitors Regulation Authority’s Continuing Competence regime.
By default staff chasing by email is automated in terms of both creating a CPD plan towards the start of the practising year and making the internal CPD declaration also towards the end of it;
- Whilst some firms choose to keep all data entry going through a single resource in the business the application is designed to ease that administrative burden by allowing registered users to upload data to the registers more simply and robustly than would be the case with a centrally saved spreadsheet;
- if firms (the Customers) wish to roll out the use of the system throughout the firm however then there are by default three user levels:
- ‘general users’ (typically fee earners) – by default users can add to the complaints, undertakings, rule breaches, negligence claims, key dates, file reviews, high-risk matters, gifts and entertainment, experts / counsel and legal aid referral logs only.
- The other logs are reserved to compliance managers and system administrators who are able to update their own entries as regards complaints, undertakings, key dates, high-risk matters and CPD. This is because typically we find that these are the areas where the matter holder is best placed;
- ‘compliance managers’ (typically COLPs, COFAs, MLRO, Senior Partners, Information Officers etc) – those with a need to monitor the compliance data are able to be given a compliance manager role within the system. This allows them to review and amend much of the data held on the system (see ‘administrator access’ below for the only exceptions to this);
- ‘administrator’ – these individuals have all of the rights of a general user and a compliance manager but in addition can add users to the system, alter the user status (i.e. the rights) of an individual and remove individuals from the system. It is recommended that within each law firm there is only one administrator;
- the system sends out email notifications to matter holder supervisors when new entries are made to certain higher risk registers, namely: complaints, rule breaches, negligence claims, high-risk matters, key dates falling within the next 40 days and gifts and entertainment. Similarly, emails are sent to matter holders and their supervisors where key dates which are due to expire in the next 5 weeks or undertakings due to expire in the next 40 days. If you would like these notifications to also go to other individuals such as the COLP or COFA etc then such individuals need to be entered onto the system as additional ‘escalation contacts’
- Please note that in addition supervisors are emailed chasers when file review forms are out of date and by default such emails would be copied to the Customer’s system administrator.
Users ACL Price List excl VAT Price excl VAT The Compliance Office Annual Price Per Month Sole Practitioner £900.00 £75.00 2 to 10 £1,495.00 £125.00 11 to 25 £1,595.00 £145.00 26 to 50 £1,795.00 £160.00 51 + £1,995.00 £170.00