Security News

Pizza takeaway and delivery outfit Papa John's has been fined £10,000 by the UK's data watchdog for sending marketing fluff to punters without their say-so. Following a year-long investigation, the Information Commissioner's Office found that the company had sent 168,022 "Nuisance marketing messages to its customers without the valid consent required by law."

The UK's Competition and Markets Authority has inked a deal with Norton where it will refund customers whose antivirus software subscription was automatically renewed. Today's agreement comes after the regulator launched legal action against Norton in March - a first for a consumer protection case - when the company refused to furnish the CMA with the information needed during the course of the investigation.

Google is offering U.K. regulators a role overseeing its phasing out of ad-tracking technology from its Chrome browser, in a package of commitments the tech giant is proposing to apply globally to head off a competition investigation. The U.K. competition watchdog has been investigating Google's proposals to remove so-called third-party cookies over concerns they would undermine digital ad competition and entrench the company's market power.

Britain has told the UN that international cyber law should allow zero-notice digital punishment directed at countries that attack others' infrastructure. A statement made by UK diplomats to the UN's Group of Governmental Experts on Advancing Responsible State Behaviour in the Context of International Security called for international law to permit retaliation for cyber attacks with no notice.

British infosec businessees mostly support beefing up the Computer Misuse Act to directly tackle the ransomware crisis - while reform campaign CyberUp has written to Home Secretary Priti Patel offering "Support" for "a renewed, forward looking framework". A number of firms that spoke to The Register expressed firm support for changes to the act that make it easier for law enforcement to pursue and convict ransomware extortionists.

Almost two weeks ago, the European Parliament took the step of objecting to the European Commission's decision to grant the UK data adequacy. The European Parliament's resolution will not block adequacy, but it nevertheless sends a significant political signal, particularly in the wake of two major court cases last week, which have found the UK's exemption of immigration from data protection laws to be unlawful and that UK mass surveillance laws violated privacy rights.

An astonishing data security blunder saw the personal data of Special Forces soldiers circulating around WhatsApp in a leaked British Army spreadsheet. The document, seen by The Register, contained details of all 1,182 British soldiers recently promoted from corporal to sergeant - including those in sensitive units such as the Special Air Service, Special Boat Service and the Special Reconnaissance Regiment.

Ignition Technology announced a partnership with Siemplify as its exclusive distributor to bring the leading independent provider of security orchestration, automation and response technology to a growing MSSP community across the UK. Siemplify is redefining security operations for MSSPs worldwide through its innovative platform that helps security teams manage their operations and respond to cyber threats with speed and precision. The Siemplify SOAR platform combines security orchestration, automation, and response with end-to-end security operations management to make analysts and security engineers more productive.

Surveillance laws permitting GCHQ to operate its Tempora dragnet mass surveillance system broke the law, the European Court of Human Rights has ruled. "The Court considers that, when viewed as a whole, the section 8(4) regime, despite its safeguards... did not contain sufficient 'end-to-end' safeguards to provide adequate and effective guarantees against arbitrariness and the risk of abuse," ruled the European Court of Human Rights's Grand Chamber.

The UK's Competition and Markets Authority has reached agreement with antivirus vendor McAfee that means some customers whose software subscription was automatically renewed will be able to get a refund. It's quite the slap on the wrist for McAfee, whose software tends to be bundled with a large number of devices sold in the UK. Customers who signed up with the company may not have understood the ins and outs of auto-renewal, hence the CMA action.