Free tools and resources for Data Protection Officers!

Tag Archives for " DPA "

Dispatch from Brussels: GDPR enforcement, guidance to come in 2019

During her interview with IAPP Chief Knowledge Officer Omer Tene, Dixon said major GDPR-related fines will not come down the pike in 2018, but it’s safe to expect some fines in 2019. This notion was foreshadowed earlier in the day by the EDPB’s Jelinek during her keynote address.

Notably, both Jelinek and Dixon said no cross-border cases have been escalated to the EDPB. But that doesn’t mean enforcement is far away.

Full article: Dispatch from Brussels: GDPR enforcement, guidance to come in 2019

ICO issues the first fines to organisations that have not paid the data protection fee

Organisations across the business services, construction and finance sectors are among the first to be fined by the ICO for not paying the data protection fee.

All organisations, companies and sole traders that process personal data must pay an annual fee to the ICO unless they are exempt. Fines for not paying can be up to a maximum of £4,350.

Source: ICO issues the first fines to organisations that have not paid the data protection fee. | ICO

Germany’s first fine under the GDPR offers enforcement insights

On Nov. 21 , the State Commissioner for Data Protection and Freedom of Information Baden-Wuerttemberg (LfDI) imposed the first fine under the GDPR in Germany – on a social media company for a violation of its data security obligations.

This is not the first GDPR-related fine in Europe which has become publicly known: the Austrian DPA imposed a €4,800 fine for illegal video surveillance activities, and a €400,000 fine was imposed in Portugal on a hospital after staff members illicitly accessed patient data. However, the current example from Germany provides further insights into how DPAs intend to use their new, heightened fining powers under GDPR.

Full article: Germany’s first fine under the GDPR offers enforcement insights

Uber fined more than $1 million by U.K. and Dutch authorities

Uber was fined a combined $1.17 million by British and Dutch authorities Tuesday for a 2016 data breach that exposed the personal details of millions of customers. The penalties come from the U.K.’s Information Commissioner’s Office and the Dutch Data Protection Authority.

Source: Uber fined more than $1 million by U.K. and Dutch authorities

LinkedIn violated data protection by using 18M email addresses of non-members to buy targeted ads on Facebook

LinkedIn has been called out a number of times for how it is able to suggest uncanny connections to you, when it’s not even clear how or why LinkedIn would know enough to make those suggestions in the first place.

Ireland’s Data Protection Commissioner had conducted — and concluded — an investigation of Microsoft-owned LinkedIn, originally prompted by a complaint from a user in 2017, over LinkedIn’s practices regarding people who were not members of the social network.

Full article: LinkedIn violated data protection by using 18M email addresses of non-members to buy targeted ads on Facebook | TechCrunch

Uber fined £385,000 for data breach affecting millions of passengers

Uber’s European operation has been fined £385,000 for a data breach that affected almost 3 million British users, the Information Commissioner’s Office has announced.

In November 2016, attackers obtained credentials to access Uber’s cloud servers and downloaded 16 large files, including the records of 35 million users worldwide. The records included passengers’ full names, phone numbers, email addresses, and the location where they had signed up.

Source: Uber fined £385,000 for data breach affecting millions of passengers

Belgian DPA provides first status update after six months of GDPR

The Belgian DPA has released a first status update six months after the GDPR became applicable. Some interesting statistics relate to the number of data breach notifications and complaints received. In the six months ‪since May 25th, the Belgian Data Protection Authority was notified of 317 data breaches (compared to last year when only 13 breaches were notified).

Full article: BELGIUM: Belgian DPA provides first status update after six months of GDPR

Irish watchdog clarifies record keeping and DPIAs interaction under GDPR

Ireland’s data protection authority has clarified how record keeping obligations under the General Data Protection Authority (GDPR) interact with the duties of businesses to carry out data protection impact assessments (DPIAs).

Full article: GDPR: Irish watchdog clarifies record keeping and DPIAs interaction

How a small French privacy ruling could remake adtech for good

A ruling in late October against a little-known French adtech firm that popped up on the national data watchdog’s website earlier this month is causing ripples of excitement to run through privacy watchers in Europe who believe it signals the beginning of the end for creepy online ads.

CNIL’s decision suggests that bundling consent to partner processing in a contract is not, in and of itself, valid consent under the European Union’s General Data Protection Regulation (GDPR) framework.

Full article: How a small French privacy ruling could remake adtech for good | TechCrunch

1 2 3 26
>