Free tools and resources for Data Protection Officers!

Tag Archives for " sanctions "

German Regulator Says Facebook Can’t Use Data From Instagram and WhatsApp

Facebook “was able to build a unique database for each individual user and thus to gain market power,” says Andreas Mundt of Germany’s Federal Cartel Office.

Germany’s antitrust agency is hitting Facebook with “far-reaching restrictions” on the social media network’s practice of merging its users’ data that was gleaned from WhatsApp, Instagram and millions of third-party websites and apps. The decision can be appealed; if it stands, it would force Facebook to add more ways for its users to protect their privacy.

Source: German Regulator Says Facebook Can’t Use Data From Instagram, WhatsApp : NPR

Learning from Google’s record-setting GDPR fine

With the French Data Protection Authority (CNIL) disclosing on January 21 st a 50 million euro fine against Google LLC, we now have a precedent against which to evaluate the impact and reach of GDPR enforcement.

This is significant as, with this precedent, we can determine some of the factors a Data Protection Authority (DPA) will use in assessing the extent of a given violation.

Full article: Learning from Google’s record-setting GDPR fine

Data privacy rules in the EU may leave the US behind

The European Union has issued its first fine, cracking down on companies that misuse users’ personal data. Why hasn’t the US taken a similarly strong approach?

Americans use online services in the same way as our European counterparts, and at generally similar rates. And U.S. consumers’ privacy has been harmed by the ever-growing number of data breaches affecting financial institutions, retailers and government targets.

Full article: Data privacy rules in the EU may leave the US behind

EU agrees to fine parties for data misuse in elections

The European Parliament and EU countries agreed, Wednesday, on new election rules according to which European party found to have misused personal data to influence voter behavior can be fined.

In the wake of a global outrage over Cambridge Analytica’s illegal harvesting of data on some 87 million Facebook users, the rules aim to stop EU political groups from using data to influence voter behavior in the upcoming European Parliament election.

Full article: EU agrees to fine parties for data misuse in elections – POLITICO

Small business in Germany hit with €5,000 GDPR fine

A small business in Germany has been issued with a €5,000 fine for inadequate data processing standards, after misplacing one of its contracts, heise online reports.

The problem was identified after a request for personal data was made to the German regulator, in a case that is one of few to result in a fine following the introduction of the General Data Protection Regulation (GDPR) on May 25th 2018.

Source: Small business in Germany hit with €5,000 GDPR fine

Facebook’s Privacy Lapses May Result in Record Fine

Facebook may be facing the biggest fine ever imposed by the U.S. Federal Trade Commission for privacy violations that breached a commitment to protect the personal information of its social network’s 2.2 billion users.

Source: Report: Facebook’s Privacy Lapses May Result in Record Fine | SecurityWeek.Com

Google fined €50 million in France for GDPR breach about consent

France’s Data Protection Authority, the CNIL, has today announced a 50 million euro fine on Google LLC for lack of transparency, inadequate information and lack of valid consent regarding the personalisation of advertisements.

The case was initiated by two associations, None Of Your Business (“NOYB”) and La Quadrature du Net (“LQDN”). LQDN was supported by 10 000 people to refer the matter to the CNIL. The CNIL says that the GDPR “one-stop-shop mechanism” was not applicable as the DPAs consider that Google did not have one main establishment in the European Union.

Source: Google fined €50 million in France for GDPR breach about consent – Privacy Laws & Business

Germany may ban Facebook from third-party data sharing

Germany’s Federal Cartel Office intends to ban Facebook from collecting user data from third parties. This will also prohibit data sharing between WhatsApp and Instagram, which Facebook own.

Germany is concerned that Facebook users didn’t know they agreed to be tracked across the internet when they signed up for the firm’s offerings. If this sticks, it’s a serious problem for its ad-targeting strategy.

Full article: Facebook’s Privacy Problems Get Real in Germany – The Washington Post

Business fined after data subject access request failings

A business that failed to respond fully to a data subject access request and later ignored an enforcement notice served on it for doing so has been fined £15,000 for breaching UK data protection laws.

SCL Elections, better known as the business behind the now defunct data analytics company Cambridge Analytica, was prosecuted at Hendon Magistrates’ Court in London on Wednesday.

SCL Elections pleaded guilty, via its administrators, to breaching section 47(1) of the Data Protection Act (DPA) 1998 in a prosecution brought by the Information Commissioner’s Office (ICO). Under that section of the Act, a person who fails to comply with an enforcement notice, an information notice or a special information notice is guilty of an offence.

Full article: Business fined after data subject access request failings

GDPR May Add Up To $8.8B Marriott’s Data Breach Expenses

Marriott data breach is under investigation in several countries, where the hotel and resorts giant has a presence. In the E.U., Information Commissioner’s Office (ICO) leads the investigation.

Given that the global annual revenue of the company reached $22.89 billion in 2017 and the strictest fine could amount to 4% of it, the sanctions imposed by the E.U. could be translated to $8.8 billion.

Full article: GDPR May Add Up To $8.8B Marriott’s Data Breach Expenses

>