fbpx

Download free GDPR compliance checklist!

Tag Archives for " DPA "

The Belgian DPA Publishes Recommendation on Direct Marketing

The Belgian Data Protection Authority (DPA) published Recommendation  providing Guidance on direct marketing.

The Recommendation provides a methodology on how to comply with the General Data Protection Regulation (GDPR) when conducting direct marketing. The Recommendation applies to all kinds of promotions, including sales and advertising, and is not limited to promotions of a commercial nature.

Source: The Belgian Data Protection Authority Publishes Recommendation Concerning Data Processing for Direct Marketing Purposes

Scottish company hit with maximum fine for making nearly 200 million nuisance calls

The Information Commissioner’s Office (ICO) has fined CRDNN Limited with the maximum £500,000 fine for making more than 193 million automated nuisance calls.

Operating out of a Clydebank business park, CRDNN Limited was raided by the ICO in March 2018, with computer equipment and documents seized for further analysis of their nuisance call operation.

Source: Scottish company hit with maximum fine for making nearly 200 million nuisance calls | ICO

Cathay Pacific fined £500,000 for failing to secure its customers’ personal data

The Information Commissioner’s Office (ICO) has fined Cathay Pacific Airways Limited £500,000 for failing to protect the security of its customers’ personal data.

Between October 2014 and May 2018 Cathay Pacific’s computer systems lacked appropriate security measures which led to customers’ personal details being exposed, 111,578 of whom were from the UK, and approximately 9.4 million more worldwide.

Source: International airline fined £500,000 for failing to secure its customers’ personal data | ICO

Facebook has paused election reminders in Europe after data watchdog raises transparency concerns

Big tech’s lead privacy regulator in Europe has intervened to flag transparency concerns about a Facebook election reminder feature — asking the tech giant to provide it with information about what data it collects from users who interact with the notification and how their personal data is used, including whether it’s used for targeting them with ads.

Facebook’s Election Day Reminder (EDR) feature is a notification the platform can display to users on the day of an election — ostensibly to encourage voter participation. However, as ever with the data-driven ad business, there’s a whole wrapper of associated questions about what information Facebook’s platform might be harvesting when it chooses to deploy the nudge — and how the (ad) business is making use of the data.

Source: Facebook has paused election reminders in Europe after data watchdog raises transparency concerns | TechCrunch

Belgian Data Protection Authority Releases Direct Marketing Recommendation

On February 10, 2020, the Belgian Data Protection Authority  published its Recommendation on data processing activities for direct marketing purposes.

With this Recommendation, the Belgian DPA aims to clarify the complex rules relating to the processing of personal data for direct marketing purposes, including by providing practical examples and guidelines to the different stakeholders involved in direct marketing activities.

Read full article: Belgian Data Protection Authority Releases Direct Marketing Recommendation

Lack of big tech GDPR decisions looms large in EU watchdog’s annual report

Ireland’s Data Protection Commissioner – the lead European Union privacy regulator for most of big tech – has put out its annual report which shows another major bump in complaints filed under the bloc’s updated data protection framework, underlining the ongoing appetite EU citizens have for applying their rights.

But what the report doesn’t show is any firm enforcement of EU data protection rules vis-a-vis big tech. The report leans heavily on stats to illustrate the volume of work piling up on desks in Dublin. But it’s light on decisions on highly anticipated cross-border cases involving tech giants including Apple, Facebook, Google, LinkedIn and Twitter.

Read more: Lack of big tech GDPR decisions looms large in EU watchdog’s annual report | TechCrunch

Facebook postpones launch of dating app

Facebook has been forced into an embarrassing postponement of its new dating service all across Europe 36 hours before Valentine’s Day after Ireland’s Data Protection Commission stepped in.

The regulatory body, which oversees Facebook’s operation across the EU, sent agents to the social media giant’s offices in Dublin because Facebook had not informed the regulatory body of the launch.

Source: Hours from Valentine’s Day, Helen Dixon says no to Facebook’s European dating service rollout – Independent.ie

ICO issues maximum pre-GDPR fine on major UK retailer

Last month the Information Commissioner’s Office (ICO), the UK data protection regulator, imposed a monetary penalty notice of £500,000 on electronics retailer DSG Retail Limited (DSG), a company better known by its trading brands, such as Currys PC World and Dixons Travel. DSG is a subsidiary of Dixons Carphone plc.

The personal data breach occurred during a compromise of DSG’s systems in the time period between 24 July 2017 to 25 April 2018 – before GDPR came into force.

The ICO’s decision to impose the maximum penalty is another clear example of the fact that the ICO is determined to use its fining powers when it considers it appropriate and to impose high fines for what it considers to be serious failures.

Source: #Privacy: ICO issues maximum pre-GDPR fine on major UK retailer

Human Error Not Cybersecurity is Leading GDPR Data Breach Trend

Human error is the main data breach trend under the new GDPR regime not cybersecurity incidents according the Irish Data Protection Commission (DPC).

The DPC has detailed the data breach trends it has observed during the first year of GDPR and unauthorised disclosure tops the list accounting for 83 percent of all reported breaches.

During the first year of GDPR, beginning on the 25 of May 2018, the Irish Data Protection Commission received 5,818 data breach notifications. The DPC notes that approximately 4 percent of all reported breaches were deemed to have not meet the definition of a ‘personal data breach’ when GDPR is applied.

Source: Human Error Not Cybersecurity is Leading GDPR Data Breach Trend

Tinder’s handling of user data is now under GDPR probe in Europe

Dating app Tinder is the latest tech service to find itself under formal investigation in Europe over how it handles user data.

Ireland’s Data Protection Commission (DPC) has today announced a formal probe of how Tinder processes users’ personal data; the transparency surrounding its ongoing processing; and compliance with obligations with regard to data subject right’s requests.

Source: Tinder’s handling of user data is now under GDPR probe in Europe – TechCrunch

>