fbpx

Download free GDPR compliance checklist!

Tag Archives for " Sweden "

Swedish court rejects Google’s appeal in RTBF case

The Swedish Administrative Court of Stockholm confirmed Google violated the EU General Data Protection Regulation in several instances and rejected Google’s motion that Sweden’s data protection authority’s, Datainspektionen, decisions repealed due to formal deficiencies.

The court upheld the fine of SEK 50 million, while the court lowered the fine for one violation from SEK 25 million to 2 million. The fine was lowered because one complaint was partly dismissed and one instance was not considered a violation (since Google adhered to the injunction without undue delay).

Source: Swedish court rejects Google’s appeal in RTBF case

Folksam data breach leaks info of 1M Swedes to Google, Facebook, more

Folksam, one of the largest insurance companies in Sweden, today disclosed a data breach affecting around 1 million Swedes after sharing customers’ personal info with multiple technology giants.

The insurer discovered the data breach after an internal audit according and reported the incident to the Swedish Data Protection Authority.

The personal data shared by Folksam includes various types of info such as social security numbers or that an individual purchased union or pregnancy insurance.

Source: Folksam data breach leaks info of 1M Swedes to Google, Facebook, more

ICO probes Klarna after newsletter emailed to customers in error

Klarna, a Swedish provider of payment solutions, surprised some UK consumers this week when it mistakenly sent a marketing email to people who had not opted in to receive the weekly newsletter.

Klarna, a Swedish provider of payment solutions, mistakenly sent a marketing email to people who had not opted in to receive the weekly newsletter. And the ICO had received more than 90 complaints from members of the public.

Source: ICO probes Klarna after newsletter emailed to customers in error – PrivSec Report

Italy tops GDPR penalty list with €46m worth of fines this year

Businesses operating within the European Union have been hit with a total of €68 million in fines relating to GDPR breaches so far in 2020.

Over €45 million of that came from Italian-owned companies, as result of 13 separate investigations. Sweden came in second, with €7.3 million in fines from 4 cases, while the Netherlands were ranked third with €2.8 million worth of penalties.

Source: Italy tops GDPR penalty list with €46m worth of fines this year | IT PRO

The Swedish DPA issues 18,700 euro fine against the National Government Service Centre

The Swedish Data Protection Authority imposes an administrative fine of 200,000 Swedish kronor (approximately 18,700 euro) on the National Government Service Centre for failing to notify affected parties as well as the Data Protection Authority about a personal data breach in due time.

The DPA noted that it took almost five months for the NGSC to notify the concerned parties and close to three months before the DPA received a data breach notification.

Source: The Swedish Data Protection Authority issues fine against the National Government Service Centre

Swedish Data Protection Authority imposes €7 million administrative fine on Google

The Swedish Data Protection Authority imposes a fine of 75 million Swedish kronor (approximately 7 million euro) on Google for failure to comply with the GDPR. Google as a search engine operator has not fulfilled its obligations in respect of the right to request delisting.

Swedish Data Protection Authority criticised Google for not having removed two of the search results, as instructed in 2017. Specifically, Google was criticised for having made too narrow an assessment of which URLs ought to actually be removed from search results, and, on another occasion, had not removed a search result in a timely manner.

Furthermore, when Google removes a search result listing and notifies the website owner of which webpage link was removed and who was behind the delisting request, it was in fact doing so without a legal basis. Therefore, Swedish Data Protection Authority ordered Google to cease such practice.

Source: The Swedish Data Protection Authority imposes administrative fine on Google – Datainspektionen

Swedish Data Inspectorate investigates Clearview AI

Swedish supervisory authority – Datainspektionen – is conducting an investigation on possible use of facial recognition technology provided by US company Clearview AI by Swedish authorities.

Datainspektionen sent a number of questions to the Police, the Security Police, the Coast Guard, the Customs Administration, the Migration Agency and a number of other Swedish authorities. They want to know if any of the authorities are using Clearview AI and in such cases what legal basis they rely on.

Source: The Data Inspectorate initiates supervision on the basis of the Clearview AI – Data Inspection

Sweden authorises the use of facial recognition technology by the police

Sweden’s data protection authority has approved the use of facial recognition technology by the police, to help identify criminal suspects.

According to the Swedish authority, the processing and storage measures comply with Sweden’s Crime Data Act and the EU’s Data Protection Law Enforcement Directive (GDPR).

The decision is controversial following successive bans of this technology in US cities. The technology is widely used in China.

Source: Sweden authorises the use of facial recognition technology by the police | New Europe

How to interpret Sweden’s first GDPR fine on facial recognition in school

The school used facial-recognition software via camera to capture and register 22 students’ participation in class. The school board claimed that automizing taking the class register would save 17,280 hours of work each year at the school.

However, neither a risk assessment nor prior consultation with the Swedish DPA was executed. August 20, the Swedish DPA fined the school SEK 200,000, its first fine under the EU General Data Protection Regulation, and issued a warning against further processing.

Full article: How to interpret Sweden’s first GDPR fine on facial recognition in school

Facial recognition in school renders Sweden’s first GDPR fine

The Swedish DPA has fined a municipality 200 000 SEK (approximately 20 000 euros) for using facial recognition technology to monitor the attendance of students in school.

A school in northern Sweden has conducted a pilot using facial recognition to keep track of students’ attendance in school.

Source: Facial recognition in school renders Sweden’s first GDPR fine

1 2 3
>