fbpx

Free tools and resources for Data Protection Officers!

Tag Archives for " sanctions "

Company Will Pay $30 Million to Settle FTC Charges it Used Deceptive Lead Generators

An Illinois-based operator of several post-secondary schools will pay $30 million to settle Federal Trade Commission charges that the operator used sales leads from lead generators that falsely told consumers they were affiliated with the U.S. military, and that used other unlawful tactics to generate leads.

In addition to falsely representing that its schools were affiliated with or recommended by the military, CEC’s lead generators also induced consumers to submit their information under the guise of providing job or benefits assistance.

“You can’t skirt the law by outsourcing illegal conduct to your service providers,” said Andrew Smith, Director of the FTC’s Bureau of Consumer Protection. “This case demonstrates that the FTC will seek to hold advertisers liable for the deceptive or illegal practices of their affiliates, publishers, or other lead generators. We expect companies purchasing leads to implement strong vendor management programs and stay on the right side of the law.”

Source: Operator of Colorado Technical University and American InterContinental University Will Pay $30 Million to Settle FTC Charges it Used Deceptive Lead Generators to Market its Schools | Federal Trade Commission

Facial recognition in school renders Sweden’s first GDPR fine

The Swedish DPA has fined a municipality 200 000 SEK (approximately 20 000 euros) for using facial recognition technology to monitor the attendance of students in school.

A school in northern Sweden has conducted a pilot using facial recognition to keep track of students’ attendance in school.

Source: Facial recognition in school renders Sweden’s first GDPR fine

PwC fined 150,000 euros for infringements of the GDPR

The Hellenic Data Protection Authority, in response to a complaint, conducted an ex officio investigation of the lawfulness of the processing of personal data of the employees of the company ‘PriceWaterhouseCoopers Business Solutions SA’ (PwC).

According to the complaint, employees were required to give consent to the processing of their personal data. Hellenic DPA’s fined PwC €150,000 for selection and application of inappropriate legal basis and violation of the principle of accountability.

Source: Company fined 150,000 euros for infringements of the GDPR

EU privacy ruling against Facebook to come by end 2019

European privacy investigators expect to complete a lengthy probe into whether Facebook violated the bloc’s tough data protection rules by the end of the year, according to the Irish official who is leading the inquiries.

Decision expected to focus on how WhatsApp shared users’ data with the social networking giant.

Source: EU privacy ruling against Facebook to come by end 2019 – POLITICO

Privacy Group Files Legal Challenge to Facebook’s $5 Billion FTC Settlement

The Electronic Privacy Information Center (EPIC) says the deal would unfairly dismiss thousands of complaints against the tech giant.

EPIC requested a hearing where the court could review the fairness of the Facebook agreement and consider consumer groups’ complaints. If the court decides to grant such a hearing, a judge could require the trade commission to review outstanding consumer complaints and alter the terms of the proposed settlement.

Source: Privacy Group Files Legal Challenge to Facebook’s $5 Billion F.T.C. Settlement – The New York Times

FTC fines Facebook historic $5B for privacy violations

After months of leaks to the press and rumors of an imminent enforcement action, the U.S. Federal Trade Commission has fined Facebook a record-breaking $5 billion and required the company to implement an “unprecedented” and modified corporate governance structure for violating its 2012 FTC consent decree.

The fine is the highest in the history of global privacy enforcement by a factor of 20, but perhaps more notably, the order requires a detailed data governance framework to ensure Facebook’s executive leadership is accountable and transparent about its data practices.

Source: FTC fines Facebook historic $5B for privacy violations

Equifax Agrees to Pay Up to $700 Million to Resolve 2017 Breach

On July 22, 2019, the Federal Trade Commission announced that Equifax Inc. agreed to pay at least $575 million, and potentially up to $700 million, as part of a global settlement agreement with the FTC, the Consumer Financial Protection Bureau, and 50 U.S. states and territories to resolve investigations into the colossal data breach the company suffered in 2017.

Source: Equifax Agrees to Pay Up to $700 Million to Resolve 2017 Breach, the Largest Data Breach Settlement in U.S. History

EU working group to harmonize sanctions

Sweden is entering as one of the chairmen of the EU working group to work for harmonization of sanctions according to the Data Protection Regulation, GDPR.

The guidelines for harmonized penalties within the EU are expected to be completed next year. The national inspection guidelines will be revised when the common EU guidelines have been adopted.

Source: The Data Inspectorate leads the EU working group on sanctions – the Data Inspectorate

FTC approves settlement with Google over YouTube kids privacy violations

The Federal Trade Commission has finalized a settlement with Google in its investigation into YouTube for violating federal kids’ privacy laws, according to two people familiar with the matter who were not authorized to discuss it on record.

The settlement finds that Google inadequately protected kids who used its video-streaming service and improperly collected their data in breach of the Children’s Online Privacy Protection Act (COPPA), which prohibits the tracking and targeting of users younger than 13.

Source: FTC approves settlement with Google over YouTube kids privacy violations – The Washington Post

Former motor industry worker ordered to pay £25,500 from proceeds of data theft

A motor industry employee who was sentenced to six months in prison in November 2018 for accessing personal data without permission, has been ordered to pay a £25,500 confiscation order in a case brought by the Information Commissioner’s Office (ICO).

Source: Former motor industry worker ordered to pay £25,500 from proceeds of data theft | ICO

>