Tag Archives for "sanctions"

First significant GDPR fines in the pipeline

The European Data Protection Supervisor, Giovanni Buttarelli, says that we can expect to see DPAs take enforcement action soon. He said the sanctions will be imposed in many EU countries and will hit many companies and public administrations but declined to provide details because investigations were still ongoing.

Source: First significant GDPR fines in the pipeline – Privacy Laws & Business

German Lawyer Sanctioned Due to Incomplete GDPR Policy

An interim injunction has been issued by Würzburg Regional Court against a lawyer who displayed an unfinished Privacy Policy on her firm’s website, which also included an unencrypted and unprotected contact form. Reaction to the ruling has been mixed: the sanction for the unfinished GDPR policy was understandable, but the ruling regarding the unencrypted form was more confusing, as this does not affect the transfer of information.

Source: German Lawyer Sanctioned Due to Incomplete GDPR Policy – Compliance Junction

GDPR complaints stack up across the EU as regulators prepare to issue fines

It’s almost five months since Europe’s General Data Protection Regulation (GDPR) went into effect. Meanwhile, EU member states start to tally up GDPR complaints. Numbers have started rolling in from data protection authorities across Europe. As one of the first companies to be warned by a DPA, French startup Teemo might prove that regulators are more interested in keeping companies in line than collecting fees – once Teemo brought itself into compliance, the CNIL considered the issue closed.

Full article: GDPR complaints stack up across the EU as regulators prepare to issue fines – MarTech Today

The Facebook hack could be Europe’s first big online privacy battle

In a massive breach, more than 50 million Facebook accounts have been compromised using a series of unpublished vulnerabilities to hijack session keys on an unprecedented scale. The new breach is a real contrast with previous GDPR fights, which have largely had to do with policy decisions and terms of service. It is not a clash about the wording of privacy policies or providing advertisers with access to data, but rather about the liability of a service provider to ensure the security of its service.

Source: The Facebook hack could be Europe’s first big online privacy battle – The Verge

Uber fined $148m for failing to notify drivers they had been hacked

Uber will pay $148m and tighten data security after the ride-hailing company failed for a year to notify drivers that hackers had stolen their personal information, according to a settlement announced on Wednesday.

The company reached the agreement with all 50 states and the District of Columbia after a vast data breach in 2016. Instead of reporting it, Uber hid evidence of the theft and paid ransom to ensure the data wouldn’t be misused.

Source: Uber fined $148m for failing to notify drivers they had been hacked | Technology | The Guardian

Companies may try to bypass GDPR fines by negotiating with cybercriminals

Europol, the EU’s policing agency, released a report on September 18 in which it warned that EU data protection laws may lead to an increase in cyber-extortion. The claim that companies may prefer to negotiate fees with hackers rather than pay GDPR fines was drawn from responses to a survey Europol had sent out to private partners.

Europol goes on to warn that if such companies are to negotiate with cybercriminals, then they “will only fund further attacks and other criminal activity” and that the organisation at risk has no guarantee that “the attacker will not disclose or otherwise exploit information.”

Source: Companies may try to bypass GDPR fines by negotiating with cybercriminals, Europol say – EURACTIV.com

EU warns Facebook it faces sanctions over ‘misleading’ T&Cs

The European Commission has warned Facebook it will face sanctions unless it changes what it calls its “misleading” terms and conditions. Facebook has been given until the end of the year to change its terms of service.

The commission acknowledged that Facebook had made some changes but said its terms and conditions remained problematic because Facebook “tells consumers that their data and content is used only to improve their overall ‘experience’ and does not mention that the company uses these data for commercial purposes”.

Source: EU warns Facebook it faces sanctions over ‘misleading’ T&Cs | Technology | The Guardian

Two French location data companies receive GDPR consent warnings

The French privacy regulator CNIL recently issued official notices to two French data companies: Fidzup and Teemo. CNIL said that both companies were non-compliant with consumer consent rules under the General Data Protection Regulation (GDPR) and French privacy law.

Both are location intelligence vendors that work with retailers and brands on online-to-offline advertising and measurement. Both companies have SDKs that help them collect persistent location data from partner apps. App publishers are paid for their location data (and other data) by companies such as Fidzup and Teemo. This is a common model in the US market and outside the US, as in this case.

Source: Two French location data companies receive GDPR consent warnings – MarTech Today

Here’s why the first GDPR fines could still be months away

It’s been three months since the introduction of the European Union’s much-heralded General Data Protection Regulation, which gives the bloc’s regulators unprecedented power to sanction companies for abusing Europeans’ privacy rights. Thousands of complaints were made in the first month of the GDPR’s existence, so how come we haven’t seen a wave of GDPR fines yet? The simple answer, according to data protection authorities and rights groups, is that it’s too soon.

Read article: Here’s why the first GDPR fines could still be months away
