fbpx

Download free GDPR compliance checklist!

Category Archives for "Court cases"

German Court Slashes a GDPR Privacy Fine by 90%

A German appeals court has slashed by 90% a General Data Protection Regulation fine levied by the nation’s federal privacy watchdog against 1&1 Telecom over call center data protection shortcomings.

In December 2019, Germany’s Federal Commissioner for Data Protection and Freedom of Information, or BfDI, announced a fine of 9.6 million euros ($11.3 million) – at the time, the second-largest privacy fine ever announced in Germany – against 1&1 Telecom.

Source: German Court Slashes a GDPR Privacy Fine by 90%

UK’s ICO faces legal action after closing adtech complaint with nothing to show

The UK’s data watchdog is facing a legal challenge after it took the decision to quietly close a complaint against the adtech industry’s high velocity background trading of personal data.

The original complaint — challenging the adtech industry’s compliance with Europe’s General Data Protection Regulation (GDPR) — was filed to the ICO in September 2018 by Jim Killock, executive director of the Open Rights Group, and Michael Veale, a lecturer in digital rights at the University College London.

Source: UK’s ICO faces legal action after closing adtech complaint with nothing to show for it | TechCrunch

Illinois judge kicks Clearview AI lawsuit back to state court at plaintiffs’ request

A biometric privacy lawsuit against Clearview AI Inc is headed back to state court, where it was originally filed, after a federal judge rejected the company’s argument that the case should stay in federal court where other lawsuits against it are pending.

Clearview failed to establish standing as the plaintiffs didn’t allege they suffered an injury-in-fact. Instead, the plaintiffs seek only statutory damages for the alleged sale and profit of their biometric data and attorney’s fees.

Source: Illinois judge kicks Clearview AI lawsuit back to state court at plaintiffs’ request | Reuters

Data Protection Commission hit with massive legal bill after Facebook privacy case

Austrian privacy activist Max Schrems said: “The Irish taxpayer now has to pick up parts of the bill.”

The Data Protection Commission must pay the legal costs of Austrian privacy activist Max Schrems regarding a landmark EU ruling concerning Facebook, with the final bill likely to total in excess of €2m.

Such a bill would amount to in excess of 10% of the DPC’s entire annual budget.

Source: Data Protection Commission hit with massive legal bill after Facebook privacy case

Canadian class-action suit against Facebook alleges misuse of personal information

Two Facebook users are seeking damages on behalf of hundreds of thousands of Canadians whose personal data may have been improperly used for political purposes.

The proposed class-action lawsuit filed by Calgary residents Saul Benary and Karma Holoboff asks the Federal Court to order the social-media giant to bolster its security practices to better protect sensitive information and comply with federal privacy law.

It also seeks $1,000 for each of the approximately 622,000 Canadians whose information was shared with others through a digital app.

Source: Canadian class-action suit against Facebook alleges misuse of personal information | CTV News

NOYB Approved to File Class Actions and Claim Damages in Front of Belgian Courts

On October 29, 2020, the non-governmental organization co-founded by privacy activist Max Schrems, None of Your Business (NOYB), announced it can now file representative actions and claim damages on behalf of consumers for violations of various laws regarding consumer protection (including data protection law) in Belgium.

The Belgian Minister of Employment, Economy and Consumer Affairs approved NOYB as a qualified entity under the collective action scheme set forth in the Belgian Economic Code. This approval comes in anticipation of the implementation of the Collective Redress Directive, which is expected by 2022 and requires each EU Member State to provide for a collective redress mechanism.

Source: NOYB Approved to File Class Actions and Claim Damages in Front of Belgian Courts

Uber drivers union asks EU court to overrule ‘robo-firing’ by algorithm

Former Uber drivers have filed a legal challenge against the company in Europe, arguing that its “robo-firing” practices contravene GDPR.

The union is arguing that Uber’s alleged “robo-firing” practices contravene Article 22 of the EU General Data Protection Regulation (GDPR), which seeks to protect individuals from automated decision-making. The action has been filed in the District Court of Amsterdam, where Uber’s European HQ is located.

Source: Uber drivers union asks EU court to overrule ‘robo-firing’ by algorithm | VentureBeat

French Court Says an Employer Can Use a Facebook Post to Dismiss an Employee

On September 30, 2020, the French Court of Cassation ruled in favor of an employer that dismissed an employee because of the contents of a Facebook post.

The employee in this case posted a photograph of a new clothing collection of the employer on a personal Facebook account. Posting the photograph was in breach of the employee’s confidentiality obligations under the employment contract. The employer subsequently dismissed the employee for gross misconduct.

Source: French Court of Cassation Decides That an Employer Can Use a Facebook Post to Dismiss an Employee

Amazon Faces Allegations It Harvested Sensitive Voice Data

Amazon is being hit with a class-action suit alleging that the tech giant’s severs are storing biometric voice data from countless callers, in contravention of an Illinois privacy law.

The three plaintiffs behind the suit came into contact with Pindrop’s tech when they called the customer support line for John Hancock, a major life insurance provider, and were told that they were “no longer required” to use a PIN number to sign in, thanks to Pindrop’s ability to authenticate their calls based on sound alone.

Source: Amazon Faces Allegations It Harvested Sensitive Voice Data

Schrems gets a judicial review of the Irish DPC’s procedure

European privacy campaigner Max Schrems has been granted a judicial review of the Irish regulator’s handling of his complaint.

He’s expecting the hearing to take place before the end of the year — and is hoping the action will, at long last, lead to a suspension of Facebook’s EU-US data transfers.

Schrems says his aim is to “kick start a ‘paused’ complaints procedure’” after Ireland’s Data Protection Commission (DPC) chose to open a new case procedure last month — simultaneously pausing its handling of his original complaint, which dates back some seven years at this point.

Source: Facebook EU-US data transfer complaint: Schrems gets a judicial review of the Irish DPC’s procedure | TechCrunch

1 2 3 38
>