Following best practices for GDPR compliance is vital for all businesses, organizations, and individuals covered by the EU privacy law. Compliance places a significant burden on covered entities, and if best practices for GDPR compliance […]
The new General Data Protection Regulation (GDPR) which comes into force in May 2018 does not outlaw the use of a simple username and static password system for accessing personal data, but GDPR does state […]
In Norway the data protection body, Datatilsynet, has sanctioned a fine of over $11.7 million for Gay dating app Grindr as it failed to get proper consent from users before sharing their personal information with […]
In Germany the data regulation authority in the Lower Saxony region has sanctioned a financial penalty of €10.4m against a a local laptop retailer due to the breach of the European Union’s general Data Protection […]
A recent report published by Finbold, the online financial news and analysis portal, relating to fines sanctioned during 2020 for breaches of the European Union’s General Data Protection Regulation, has indicated that €171.3m in financial […]
Ireland’s Data Protection Commission (DPC) has revealed that Twitter, which has its European Union headquarters based in Dublin, has been hit with a fine €450,000 for breaching the General Data Protection Regulation (GDPR). This is […]
In France the data protection regulator, Commission nationale de l’informatique et des libertés (CNIL), has penalised French retail giant Carrefour more than €3m ($3.7m) in relation to a number of breaches of the European Union’s […]
At the beginning this month the electorate of California voted to pass the California Privacy Rights Act (CPRA), legislation created to further enhance the reach of the California Consumer Privacy Act that become enforceable earlier […]
Vodafone’s Italian operations has been sanctioned with a GDPR penalty of over than €12.25 million (US$14.5m) as a result of what was deemed ‘aggressive’ telemarketing practices. The fine comes following ‘hundreds’ of official complaints into […]
Following the decision of a majority of EU data supervisors to support a proposed settlement from the Irish Data Protection Commission (DPC), the enforcement of a General Data Protection Regulation penalty is imminent fir Twitter […]
In the United Kingdom the Information Commissioner’s Office (ICO) has hit hotel group Marriott International with an £18.4 million General Data Protection Regulation (GDPR) penalty for in its legal obligation to safeguard the private data […]
A report released by BuyShares has revealed that the United Kingdom tops for the imposition of data breach penalties with €132.7 million in the total value of General Data Protection Regulation fines since the legislation […]
In the United Kingdom a €22m (£20m) fine has been sanctioned against British Airways in relation to a breach of the European Union’s General Data Protection Regulation (GDPR) that impacted the personal and financial details […]
In the United Kingdom the Government’s Department for Eduction (DfE) has been found guilty of breaching the European Union’s General Data Protection Regulation in relation to the manner that it processes pupil data. This comes […]
In Germany the data protection authority located in Hamburg has announced that H&M, the second biggest retailer in the world, is being fined €35.2 (US $41.3m) for breaching the European Union’s General Data Protection Regulation […]
A new phishing attack has been identified where cybercriminals are sharing a fake GDPR compliance reminder in a bid to try and fool those receiving the email into sharing their email log in details. The […]
A report released by Gartner, Inc. has estimated that 65% of the world’s population will have its personal data policed by some form of data privacy legislation by 2023. Gartner analysts presented The report was […]
A preliminary order has been issued by Ireland’s Data Protection Commission (DPC) directing Facebook to cease transferring personal data transfer from Ireland to the United States. This order comes following the European Union Court ruling […]
Earlier this month the European Data Protection Board (EDPB) released draft GDPR social media targeting guideline that seek to give a greater understanding in relation to the roles and duties of those involved in managing […]
Since the start of the year European Union based-companies have been sanctioned with €68 million (£61.5m) for breaching the General Data Protection Regulation (GDPR). More that two-thirds of that has been paid over by Italian-companies, […]
In the United States a legal action has been filed by a consumer privacy campaign group against Salesforce and Oracle, alleging that both entities have breached the European Union’s General Data Protection Regulation with the […]
France’s CNIL announced that it has initiated an investigation into data management practices of the social media platform TikTok. A spokeswoman for France’s CNIL revealed that it begun examining how the social media app manages user […]
It has been revealed that the Italian Data Protection Authority ‘Garante’ is sanctioning a €16,729,600 fine on telecoms provider Wind Tre in relation to a number of data processing activities, mostly related to direct marketing, […]
The European Court of Justice has today issued a ruling that voids the existing Privacy Shield agreement for data sharing between the European Union and United States due to the fact that it does not […]
The Dutch Credit Registration Bureau (BKR) has been hit with a €830,000 ($937,000) fine in the Netherlands in relation a General Data Protection Regulation breach impacting data subjects rights in the Netherlands. The fine is […]
A cybercriminal has been busy targeting unsecured MongoDB databases and threatening to report their vulnerability to data protection authorities, a move that could possibly result in a General Data Protection Regulation penalty being sanctioned. 23,000 […]
On Monday TikTok revealed that it has decided to base its operations for data privacy within the European Union to Ireland. This comes following the establishment of the social networking platform’s Trust and Safety Hub […]
A European Union, report which is due to be made public today, on the General Data Protection Regulation will reveal how small and medium-sized businesses are having great difficulty in investing the funds required to […]
Last Friday it was revealed that Google had been unsuccessful in the appeal of the €50m General Data Protection Regulation fine which was sanctioned against by the French data protection authority, the CNIL (Commission nationale […]
In the United Kingdom a legal action has been filed under Article 82 of the General Data Protection Regulation (GDPR) in the High Court on behalf of nine million easyJet customers whose private data was […]
In Hungary the government has taken the decision to suspending the rights of data subjects under the European Union’s General Data Protection Regulation (GDPR). This suspension will remain in place until such time as the […]
In Ireland the child and family protection agency, Tusla, has been fined €75,000 arising out of an investigation into three cases where information about children was wrongly disclosed to unauthorised parties. This makes Tusla has […]
In the Netherlands, the Dutch Data Protection Authority has sanctioned a €725,000 (US$791,000) General Data Protection Regulation (GDPR) fine against a company for scanning its employees’ biometrics with a fingerprint time and attendance system. The […]
The European Data Protection Board (EDPB) has released guidance, in a letter, in relation to the European Commission’s recommendation for the development and implementation of apps used for specific purposes, such as contact tracing, in […]
‘In what countries is GDPR enforced?’ is a very common GDPR query. The General Data Protection Regulation (GDPR) is a European Union (EU) Regulation that was passed on April 27, 2016 and, following a two-year […]
The private personal information of over 600,000 Email.it account holders has been illegally obtained and made available for purchase via the dark web. The breach was revealed on Sunday, April 5, following a tweets broadcast […]
Since the COVID-19 pandemic began everything has been moving at breakneck pace and there has been little time to consider how it impacts the European Union’s General Data Protection Regulation (GDPR). It is understandable, and […]
The Marriott Hotel Group has revealed that it has suffered its third data breach in just over two years and has impacted the private data of up to 5.2m guests. The hotel group that operates […]
In the United Kingdom the Information Commissioner’s Office (ICO) has been contacted by Virgin Media to advise them that the personal data belonging to over 900,000 customers has been illegally obtained by an unauthorised third […]
The Information Commissioner’s Officer (ICO) in the United Kingdom has sanctioned a £500,000 data breach penalty against airline Cathay Pacific in relation to security lapses which exposed of 111,578 UK citizens and up to 9.4 […]
In the United Kingdom, a report issued by the Independent Chief Inspectorate of Borders and Immigration (ICIBI) has revealed that the Home Office (UK) has broken the European Union’s General Data Protection Regulation 100 times […]
In Ireland, following the publication of the Data Protection 2019 Annual Report, the Irish Data Protection Commissioner has indicated that a litany of large General Data Protection Regulation (GDPR) fine may be on the way […]
In the United Kingdom the data protection authority, the Information Commissioner’s Office (ICO), has issued a warning to businesses that they must adhere to existing data protection legislation as the country moves away from the […]
A General Data Protection Regulation complaint has been submitted in Norway against LGBTQ+ social networking app Grindr and a number of online advertising companies. The complaints in question were submitted by the Norwegian Consumer Council […]
A cyber breach that impacted approximately 14 million customers of Dixons Carphone in the UK has resulted in the highest possibly fine being applied to the retailer. It was discovered that the tills in retails […]
Since it became enforceable on May 25 2018, the General Data Protection Regulation (GDPR) has had a massive impact on how business is conducted throughout the EU and around the world. Companies must now take […]
The first ever General Data Protection Regulation (GDPR) penalty in the United Kingdom has been sanctioned against a London-based pharmacy by the Information Commissioner’s Office (ICO) ICO has fined Doorstep Dispensaree €325,000 (UK£275,000) by the […]
The aim of this article is to help groups, companies or businesses that gather, process or store personal data of “data subjects” located in the EU start a GDPR To Do List. This list should […]
Capgemini have published a new report which indicates that companies that comply with GDPR avail of certain advantages thanks to improved customer engagement and profits. The report has found that GDPR compliant organizations have outperformed […]
A fine of €9.55m has been sanctioned by the German Federal Commissioner for Data Protection and Freedom of Information (BfDI) against telecommunications provider 1&1 for a General Data Protection Regulation (GDPR) breach. The breach occurred […]
German Data Protection bodies, known collectively as the DSK, has revealed that agreement has been reached in relation to the calculation of General Data Protection Regulation (GDPR) penalties. Using five different steps to calculate the […]
The results of a survey conducted by the Capgemini Research Institute has revealed that firms that companies seem to have greatly overestimated their level or preparation for the General Data Protection Regulation (GDPR) which was […]
The term ‘European Union citizen’ is often referenced when trying to describe General Data Protection Regulation (GDPR) legal obligations, but what happens when an EU citizen leaves the EU? Does GDPR apply to EU citizens […]
Start-up Internet browser Brave has submitted new evidence to the Data Protection Commission (DPC) in Ireland which indicates that Google has been using a workaround to try and bypass General Data Protection Regulation (GDPR) rules […]
The Swedish Data Protection Authority (DPA) has fined the Skelleftea municipality 200,000 Swedish Krona (£16,800, $20,700) for breaching the European Union General Data Protection law (GDPR) by trialling facial recognition on high-school students in Sweden […]
The customer records of 6.8 million customers of a venture capital-backed sneaker trading web portal StockX Incc have been stolen in a recent cybercriminal hacking attack. All the specific details of the attack have yet […]
Following a potential General Data Protection Regulation (GDPR) breach, digital bank Monzo has made contact with 500,000 of its customers to advise them to change their personal identification number (PIN). Monzo became aware of the […]
If can be confusing to consider what happens when Americans visit an E.U. country in relation to the European Union’s General Data Protection Regulation (GDPR). Are they protected by the legislation? They are, obviously, not […]
The European Union’s Competition Commission has initiated an official antitrust investigation to ascertain if Amazon is using sensitive data, gathered from independent retailers who use its marketplace, in breach of EU competition legislation. The Commission […]
The Information Commissioner’s Office (ICO), the data authority in the United Kingdom, has revealed that it plans to sanction a $123,705,870 General Data Protection Regulation fine on the Marriott hotel group in relation to the […]
The Payment Services Directive (PSD2) was enacted by the European Union on January 13 2018 to regulate payment services and payment service providers throughout the European Economic Area (EEA). It replaced the previous E.U. Directive […]
One of the lesser known obligations under the European Union General Data Protection Regulation, introducing in May 2018, is the appointment of a Nominated European Representative under certain conditions (as per Article 27 of the […]
The EU’s General Data Protection Regulation (GDPR) became enforceable on May 25, 2018, as did financial penalties for breaching the legislation. Mainly, GDPR is applicable to the back end workings of medical devices there is also […]
In the UK the Information Commissioner’s Office has sanction ‘Her Majesty’s Revenue and Customs’ (HMRC) with an enforcement action a voice authentication service was implemented which asked callers to record their voice and use it […]
A survey of over 500 United Kingdom-based business has indicated that unencrypted USB devices are still being used by businesses despite the fact that unsecured data could lead to massive general Data Protection penalties. The […]
Data minimization is one of the chief principles of the European Union’s General Data Protection Regulation (GDPR) which states that data processing should only use as much data as is required to complete as assigned […]
A Danish taxi company, Taxa 4×35 (Taxa), has been issued with a General Data Protection Regulation penalty by the Denmark’s Data Protection Authority Datatilsynet (DPA) for breaching GDPR data retention periods. The DPA approved a […]
In a recent online article the Harvard Business Review, commenting on the latest massive data privacy breach to hit a U.S.-owned company, shared some important takeaway for senior managers and regulators to consider in relation […]
The introduction of the General Data Protection Regulation (GDPR) on May 25 2018 saw the vast majority of companies doing business in the European Union or providing a service to European Union based individuals change […]
Microsoft CEO Satya Nadella, speaking recently during an on-stage interview at World Economic Forum in Davos Switzerland, lead the calls for the global introduction of legislation that enshrines data privacy as a human right. Nadella […]
Last week the German antitrust authority, Bundeskartellamt, ruled that the manner in which Facebook gathers, merges, attributes to and uses data in user accounts is an abuse of its dominant market position. This follows a three-year investigation […]
A recent report, published by the UK-based multinational legal firm DLA Piper, has revealed that since the European Union’s General Data Protection Regulation became enforceable on May 25, 2018, almost 60,000 data breach notifications have […]
GDPR fields are a way of allowing you to collect, store and track consent from your contacts while recording the name of the field and consent text. Using these fields on your forms will help […]
The introduction of the General Data Protection Regulation (GDPR) on May 25, 2018 enshrined new protections for residents of the European Union in relation to how their private data is managed by the companies and […]
CNIL, the French data protection regulator, has sanctioned Google with a €50m fine for breaching its obligations laid down by the European Union’s General Data Protection Regulation (GDPR). The agency released a statement which said that […]
Despite the initial findings of an investigation into a General Data Protection Regulation (GDPR) breach at the Marriott Hotels group indicating that the number of people impacted is lower than expected, the group is facing […]
Guidance on what should happen with transfers of personal data to and from the United Kingdom, including Northern Ireland, following a possible ‘no deal’ Brexit has been published by the Irish Data Protection Commission (DPC). […]
Senior Policy Manager and EU Principal for Mozilla, a company know for its stance on privacy and open internet, Raegan MacDonald has said that she feels that 2019 will see increased resources poured into the enforcement of the […]
A spokesperson for the Irish Data protection Commission (DPC) recently revealed in an interview that his organisation will be applying the General Data Protection Regulation (GDPR) legislation much more stringently in 2019. Head of Communications […]
The Irish Data Protection Commission (DPC) is investigating another potential General Data Protection Regulation Breach by Facebook following a statement from the social media company admitted a glitch may have exposed unposted photos from up […]
Google has revealed that it has taken the decision to make a number of amendments to its terms of service and privacy policy, amendments which will now refer to Ireland as the location of its […]
Consumer body Which? has conducted an investigation that has revealed several large retailers may be in breach of the European Union’s General Data Protection Regulation (GDPR) rules in how they issue e-receipts to their customers. […]
In a turn up for the books the Irish Data Protection Commission (DPC) is being investigated for possible General Data Protection Regulation breaches in relation to the body’s data protection officer being prevented from successfully completing their […]
The private personal data of approximately 500 million people has been obtained in a hacking attack on Marriott International according to a a statement filed with US regulators by the hotel chain last Friday, December 1. […]
A United States Senate subcommittee has revealed that it is working on a draft of a GDPR-style legislation for the United States. Senators Richard Blumenthal (Democrat) and Jerry Moran (Republican) are putting together a bipartisan […]
A group of European Union-based consumer watchdogs have submitted a data privacy compliant, under the new General Data Protection Regulation legislation, against Google in the belief that the company is using methods to record web users’ […]
A warning has been issued by Instagram that a number of users of the social media platform have had their password details exposed by a security leak. Ironically, this breach occurred due to a flaw […]
The United Kingdom’s Information Commissioner’s Office (ICO) has found that the Washington Post online subscription options are not in compliance with the European Union’s General Data Protection Regulation (GDPR). The online subscription options are not subjected to […]
Dutch investigators are conducting an investigation following claims that Microsoft Office is in breach of the European Union General Data Protection Regulations in relation to the data the software has been gathering including the content […]
The operators of content Management platform WordPress have issued an advisory urging users to refresh the WP GDPR Compliance plug-in as soon as possible due to a flaw in the software leading to a potential […]
Privacy International, a UK-based registered charity that defends and promotes the right to privacy across the world, last week filed a number of complaints against US-based Companies to European based Data Protection bodies concerning suspected breaches of the General Data […]
Facebook is facing the wrath of the European Union’s General Data Protection Regulation (GDPR) once again following a complaint made by the UK Information Commissioner Office (ICO) to the Irish Data Protection Commission (DPC) in […]
A potential General Data Protection Regulation breach impacting members of the firm’s loyalty and rewards scheme has been reported by the Radisson Hotel Group. The Radisson Hotel Group, headquartered in Brussels, Belgium, has chain accounts for […]
In the United Kingdom, law firm RPC released a report which reveals that the average fine for failing to protect against data breaches has doubled to £146,000 in the year to 30 September 2018. ICO […]
Apple CEO Tim Cook, speaking at a conference on data privacy in Brussels, has called for the United States to introduce data protection legislation as stringent as the European Union’s General Data Protection Regulation (GDPR) […]
If your company is not established in the European Union, however, processes the personal data of EU residents and does not have an office located in the European Union, you may have to appoint an […]
It has been revealed that Google will be closing down its social media platform Google+ in light of an investigation being launch by the Data Protection Authority in Ireland into reports that it failed to […]
The Data Protection Authority (DPA) in Ireland is investigating social media giant Twitter over possible GDPR non-compliance after the company did not comply with a user request for information. A privacy researcher at the University […]
An interim injunction has been issued by Würzburg Regional Court against a lawyer who displayed an unfinished Privacy Policy on her firm’s website which also included an unencrypted and unprotected contact form. In making the […]
Facebook has revealed that its engineers have discovered, and addressed, a serious data breach on September 25, last Tuesday, which affected approximately 50m account holders. Impacted users have been sent a notification and automatically logged […]
Copyright © 2023 ComplianceJunction