
Tag Archives for "sanctions"

Turkish watchdog fines Facebook $271,000 for data breach

Turkey’s Personal Data Protection Authority (KVKK) said on Friday it had fined Facebook a total of 1.65 million lira ($270,976.01) in April due to a data breach.

It cited a Facebook statement from December as saying the company had discovered a photo API bug that allowed third-party applications to access Facebook user photos.

Source: Turkish watchdog says it fines Facebook $271,000 for data breach – Reuters

GDPR one year on – what have we learned?

The one-year anniversary of the European Union’s General Data Protection Regulation (GDPR) coming into effect is fast approaching (25 May 2019).

What have we learned over this past year? Do companies have a full grip on compliance requirements for data collection and processing?

Full article: GDPR one year on – what have we learned?

Facebook Faces a Big Penalty, but Regulators Are Split Over How Big

Facebook’s announcement in late April that it had set aside $3 billion to $5 billion to settle claims that it mishandled users’ personal data suggested a strong consensus by federal regulators that the social media giant needed to be held accountable.

The F.T.C. chairman seems to have the votes to approve a settlement. But the members are split on the size and scope of the tech company’s punishment. One of the biggest issues has been whether to hold Mark Zuckerberg liable for future violations.

Source: Facebook Faces a Big Penalty, but Regulators Are Split Over How Big – The New York Times

FTC chair suggests record fines are coming

For a few weeks now, rumors have circled Washington that the U.S. Federal Trade Commission is negotiating a potentially record-breaking fine of Facebook for alleged privacy violations.

Media reports have placed a potential fine in the $3 billion to $5 billion mark, and just this week, new reports state negotiations also include a slew of new privacy positions as part of the FTC settlement.

Full article: FTC chair suggests record fines are coming

Greek DPA Issues EUR 30,000 Fine For Data Protection Violation

On April 15, 2019, the Greek Data Protection Authority fined Hellenic Petroleum S.A. EUR 20,000 for unlawful processing of personal data and EUR 10,000 for failing to adopt appropriate data security measures.

Hellenic Petroleum S.A. had engaged a vendor to conduct a study on its behalf. The study was exposed online, and its results, which included sensitive data such as political opinions, trade union membership and participation in associations, were publicly accessible on the Internet.

Source: Greek DPA Issues EUR 30,000 Fine For Data Protection Violation

Facebook Expects to Be Fined Up to $5 Billion by FTC Over Privacy Issues

Facebook said on Wednesday that it expected to be fined up to $5 billion by the Federal Trade Commission for privacy violations. The penalty would be a record by the agency against a technology company and a sign that the United States was willing to punish big tech companies.

The social network disclosed the amount in its quarterly financial results, saying it estimated a one-time charge of $3 billion to $5 billion in connection with an “ongoing inquiry” by the F.T.C. Facebook added that “the matter remains unresolved, and there can be no assurance as to the timing or the terms of any final outcome.”

Source: Facebook Expects to Be Fined Up to $5 Billion by F.T.C. Over Privacy Issues – The New York Times

Italy’s DPA Fines Data Processor for Information Security Failures

The Italian Data Protection Authority, the Garante, has issued a 50,000 EUR fine against a data processor platform for its failure to implement several information security measures.

Measures addressed by the Garante include: conducting periodic vulnerability assessments, ensuring timely implementation of patches, requiring strong passwords and ensuring password security.

Source: Italy’s DPA Fines Data Processor for Information Security Failures | Privacy Compliance & Data Security

Why you should pay close attention to the Polish DPA’s first GDPR fine

The Polish data protection authority’s first post-General Data Protection Regulation-era decision, and its first fine, raise questions about the GDPR’s retroactive applicability, transparency, procedural justice and legal competence.

Full article: Why you should pay close attention to the Polish DPA’s first GDPR fine

The French Data Protection Authority Announces Stricter Enforcement

On April 15, 2019, the French Data Protection Authority (CNIL) published its 2018 activity report and announced its 2019 enforcement agenda.

The CNIL’s message is clear: if some leniency was tolerated in 2018, this transitional period for GDPR enforcement is now over. Going forward, the CNIL will adopt a stricter approach when investigating companies’ GDPR compliance and make full use of its enforcement powers, including the power to fine.

Source: The French Data Protection Authority Announces Stricter Enforcement
