GDPR News

It has been revealed that the Italian Data Protection Authority ‘Garante’ is sanctioning a €16,729,600 fine on telecoms provider Wind Tre in relation to a number of data processing activities, mostly related to direct marketing, […]

The Dutch Credit Registration Bureau (BKR) has been hit with a €830,000 ($937,000) fine in the Netherlands in relation a General Data Protection Regulation breach impacting data subjects rights in the Netherlands. The fine is […]

A cybercriminal has been busy targeting unsecured MongoDB databases and threatening to report their vulnerability to data protection authorities, a move that could possibly result in a General Data Protection Regulation penalty being sanctioned. 23,000 […]

On Monday TikTok revealed that it has decided to base its operations for data privacy within the  European Union to Ireland. This comes following the establishment of  the social networking platform’s Trust and Safety Hub […]

A European Union, report which is due to be made public today, on the General Data Protection Regulation will reveal how small and medium-sized businesses are having great difficulty in investing the funds required to […]

Last Friday it was revealed that Google had been unsuccessful in the appeal of the €50m General Data Protection Regulation fine which was sanctioned against by the French data protection authority, the CNIL (Commission nationale […]

In the United Kingdom a legal action has been filed under Article 82 of the General Data Protection Regulation (GDPR) in the High Court on behalf of nine million easyJet customers whose private data was […]

In Hungary the government has taken the decision to suspending the rights of data subjects under the European Union’s General Data Protection Regulation (GDPR). This suspension will remain in place until such time as the […]

In Ireland the child and family protection agency, Tusla, has been fined €75,000 arising out of an investigation into three cases where information about children was wrongly disclosed to unauthorised parties. This makes Tusla has […]

In the Netherlands, the Dutch Data Protection Authority has sanctioned a €725,000 (US$791,000) General Data Protection Regulation (GDPR) fine against a company for scanning its employees’ biometrics with a fingerprint time and attendance system. The […]

The private personal information of over 600,000 Email.it account holders has been illegally obtained and made available for purchase via the dark web. The breach was revealed on Sunday, April 5, following a tweets broadcast […]

In Sweden, the Data Protection Authority (DPA) has taken the decision to sanction a 75 million kronor (US$8 million) General Data Protection Regulation Penalty in relation to a “failure to comply”. This step was taken […]

In the United Kingdom the Information Commissioner’s Office (ICO) has been contacted by Virgin Media to advise them that the personal data belonging to over 900,000 customers has been illegally obtained by an unauthorised third […]

The Information Commissioner’s Officer (ICO)  in the United Kingdom has sanctioned a £500,000 data breach penalty against airline Cathay Pacific in relation to security lapses which exposed of 111,578 UK citizens and up to 9.4 […]

In the United Kingdom, a report issued by the Independent Chief Inspectorate of Borders and Immigration (ICIBI) has revealed that the  Home Office (UK) has broken the European Union’s General Data Protection Regulation  100 times […]

Sports retailer Decathlon, which has outlets in 49 countries globally, has reported a data breach that impacted 123 million records which incorporated unencrypted passwords. The breach was first noticed by VPNmentor on 12 February, and […]

In Ireland, following the publication of the Data Protection  2019 Annual Report, the Irish Data Protection Commissioner has indicated that a litany of large General Data Protection Regulation (GDPR) fine may be on the way […]

In Ireland the Data Protection Commission has become the latest data protection authority in the European Union to instigate an enquiry into the data processing that is being carried out by online dating service Tinder […]

In the United Kingdom the data protection authority, the Information Commissioner’s Office (ICO), has issued a warning to businesses that they must adhere to existing data protection legislation as the country moves away from the […]

Since it was introduced on May 25 2018, €114m in fines and more than 160,000 General Data Protection Regulation (GDPR) data breach notifications have been registered by data protection authorities in the European Union, with […]

A General Data Protection Regulation complaint has been submitted in Norway against LGBTQ+ social networking app Grindr and a number of online advertising companies. The complaints in question were submitted by the Norwegian Consumer Council […]

A cyber breach that impacted approximately 14 million customers of Dixons Carphone in the UK has resulted in the highest possibly fine being applied to the retailer. It was discovered that the tills in retails […]

The first ever General Data Protection Regulation (GDPR) penalty in the United Kingdom has been sanctioned against a London-based pharmacy by the Information Commissioner’s Office (ICO) ICO has fined Doorstep Dispensaree €325,000 (UK£275,000) by the […]

Capgemini have published a new report which indicates that companies that comply with GDPR avail of certain advantages thanks to improved customer engagement and profits. The report has found that GDPR compliant organizations have outperformed […]

A fine of €9.55m has been sanctioned by the German Federal Commissioner for Data Protection and Freedom of Information (BfDI) against telecommunications provider 1&1  for a General Data Protection Regulation (GDPR) breach. The breach occurred […]

The Berlin DPA has sanctioned a General Date Protection Regulation penalty of €14.5 million against Deutsche Wohnen SE, a major real estate company. The real estate company was investigated, through onsite inspections, between June 2017 […]

German Data Protection bodies, known collectively as the DSK, has revealed that agreement has been reached in relation to the calculation of General Data Protection Regulation (GDPR) penalties. Using five different steps to calculate the […]

Poland’s Personal Data Protection Office (UODO) this week decided to fine an online retailer PLN 2.8 million, or €645,000 for “insufficient organizational and technical safeguards”. It has been reported the online retailer in question, Morele.net, […]

The results of a survey conducted by the Capgemini Research Institute has revealed that firms that companies seem to have greatly overestimated their level or preparation for the General Data Protection Regulation (GDPR) which was […]

Start-up Internet browser Brave has submitted new evidence to the Data Protection Commission (DPC) in Ireland which indicates that Google has been using a workaround to try and bypass General Data Protection Regulation (GDPR) rules […]

The Swedish Data Protection Authority (DPA) has  fined the Skelleftea municipality 200,000 Swedish Krona (£16,800, $20,700) for breaching the European Union General Data Protection law (GDPR) by trialling facial recognition on high-school students in Sweden […]

The customer records of 6.8 million customers of a venture capital-backed sneaker trading web portal StockX Incc have been stolen in a recent cybercriminal hacking attack. All the specific details of the attack have yet […]

Following a potential General Data Protection Regulation (GDPR) breach, digital bank Monzo has made contact with 500,000 of its customers to advise them to change their personal identification number (PIN). Monzo became aware of the […]

In Romania, following the conclusion of a National Supervisory Authority, Unicredit Bank has been sanctioned with a US$146,000 (EUR€135,000) General Data Protection Regulation (GDPR) fine in relation to how it uses personal data. This is […]

The Information Commissioner’s Office (ICO), the data authority in the United Kingdom, has revealed that it plans to sanction a $123,705,870 General Data Protection Regulation fine on the Marriott hotel group in relation to the […]

Recently security company Tripwire surveyed 298 IT security professionals who were attending Infosecurity Europe 2019 conference in order to  discover how much knowledge they have in relation to the disclosure requirements of the European Union’s […]

In the UK the Information Commissioner’s Office has sanction ‘Her Majesty’s Revenue and Customs’ (HMRC) with an enforcement action a voice authentication service was implemented which asked callers to record their voice and use it […]

A survey of over 500 United Kingdom-based business has indicated that unencrypted USB devices are still being used by businesses despite the fact that unsecured data could lead to massive general Data Protection penalties. The […]

A Danish taxi company, Taxa 4×35 (Taxa), has been issued with a General Data Protection Regulation penalty by the Denmark’s Data Protection Authority Datatilsynet (DPA) for breaching GDPR data retention periods. The DPA approved a […]

In a recent online article the Harvard Business Review, commenting on the latest massive data privacy breach to hit a U.S.-owned company, shared some important takeaway for  senior managers and regulators to consider in relation […]

Microsoft CEO Satya Nadella, speaking recently during an on-stage interview at World Economic Forum in Davos Switzerland, lead the calls for the global introduction of legislation that enshrines data privacy as a human right. Nadella […]

Last week the German antitrust authority, Bundeskartellamt, ruled that the manner in which Facebook gathers, merges, attributes to and uses data in user accounts is an abuse of its dominant market position. This follows a three-year investigation […]

A recent report, published by the UK-based multinational legal firm DLA Piper, has revealed that since the European Union’s General Data Protection Regulation became enforceable on May 25, 2018, almost 60,000 data breach notifications have […]

CNIL, the French data protection regulator, has sanctioned Google with a €50m fine for breaching its obligations laid down by the European Union’s General Data Protection Regulation (GDPR). The agency released a statement which said that […]

Despite the initial findings of an investigation into a General Data Protection Regulation (GDPR) breach at the Marriott Hotels group indicating that the number of people impacted is lower than expected, the group is facing […]

Guidance on what should happen with transfers of personal data to and from the United Kingdom, including Northern Ireland, following a possible ‘no deal’ Brexit has been published by the Irish Data Protection Commission (DPC). […]

Senior Policy Manager and EU Principal for Mozilla, a company know for its stance on privacy and open internet,  Raegan MacDonald has said that she feels that 2019 will see increased resources poured into the enforcement of the […]

A spokesperson for the Irish Data protection Commission (DPC) recently revealed in an interview that his organisation will be applying the General Data Protection Regulation (GDPR) legislation much more stringently in 2019. Head of Communications […]

The Irish Data Protection Commission (DPC) is investigating another potential General Data Protection Regulation Breach by Facebook following a statement from the social media company admitted a glitch may have exposed unposted photos from up […]

Google has revealed that it has taken the decision to make a number of amendments to its terms of service and privacy policy, amendments which will now refer to Ireland as the location of its […]

Consumer body Which? has conducted an investigation that has revealed several large retailers may be in breach of the European Union’s General Data Protection Regulation (GDPR) rules in how they issue e-receipts to their customers. […]

In a turn up for the books the Irish Data Protection Commission (DPC) is being investigated for possible General Data Protection Regulation breaches in relation to the body’s data protection officer being prevented from successfully completing their […]

The private personal data of approximately 500 million people has been obtained in a hacking attack on Marriott International according to a a statement filed with US regulators by the hotel chain last Friday, December 1. […]

A United States Senate subcommittee has revealed that it is working on a draft of a GDPR-style legislation for the United States. Senators Richard Blumenthal (Democrat) and Jerry Moran (Republican) are putting together a bipartisan […]

A group of European Union-based consumer watchdogs have submitted a data privacy compliant, under the new General Data Protection Regulation legislation, against Google in the belief that the company is using methods to record web users’ […]

A warning has been issued by Instagram that a number of users of the social media platform have had their password details exposed by a security leak. Ironically, this breach occurred due to a flaw […]

The United Kingdom’s Information Commissioner’s Office (ICO) has found that the Washington Post online subscription options are not in compliance with the European Union’s General Data Protection Regulation (GDPR). The online subscription options are not subjected to […]

Dutch investigators are conducting an investigation following claims that Microsoft Office is in breach of the European Union General Data Protection Regulations in relation to the data the software has been gathering including the content […]

The operators of content Management platform WordPress have issued an advisory urging users to refresh the WP GDPR Compliance plug-in as soon as possible due to a flaw in the software leading to a potential […]

Privacy International, a UK-based registered charity that defends and promotes the right to privacy across the world, last week filed a number of complaints against US-based Companies to European based Data Protection bodies concerning suspected breaches of the General Data […]

Facebook is facing the wrath of the European Union’s General Data Protection Regulation (GDPR) once again following a complaint made by the UK Information Commissioner Office (ICO) to the Irish Data Protection Commission (DPC) in […]

A potential General Data Protection Regulation breach impacting members of the firm’s loyalty and rewards scheme has been reported by the Radisson Hotel Group. The Radisson Hotel Group, headquartered in Brussels, Belgium, has chain accounts for […]

In the United Kingdom, law firm RPC released a report which reveals that the average fine for failing to protect against data breaches has doubled to £146,000 in the year to 30 September 2018. ICO […]

Apple CEO Tim Cook, speaking at a conference on data privacy in Brussels, has called for the United States to introduce data protection legislation as stringent as the European Union’s General Data Protection Regulation (GDPR) […]

A survey of 145 US corporate directors of public company boards conducted by BDO USA during August 2018 has revealed that eight out of ten companies have taken steps to ensure they are complying with necessary […]

It has been revealed that Google will be closing down its social media platform Google+ in light of an investigation being launch by the Data Protection Authority in Ireland into reports that it failed to […]

The Data Protection Authority (DPA) in Ireland is investigating social media giant Twitter over possible GDPR non-compliance after the company did not comply with a user request for information. A privacy researcher at the University […]

An interim injunction has been issued by Würzburg Regional Court against a lawyer who displayed an unfinished Privacy Policy on her firm’s website which also included an unencrypted and unprotected contact form. In making the […]

In the UK consumer credit reporting agency Equifax has been fined £500,000 by the Information Commissioner’s Office (ICO) for failing to safeguard millions of UK citizens’ personal data when a cyber attack happened in 2017. Private personal […]

Facebook has revealed that its engineers have discovered, and addressed, a serious data breach on September 25, last Tuesday, which affected approximately 50m account holders. Impacted users have been sent a notification and automatically logged […]

AggregateIQ, a Canadian-based analytics company which acted on behalf of the Vote Leave campaign, has been issued with the first ever UK GDPR notice by the Information Commissioner’s Office (ICO) in relation to business carried out […]

According to a report by the Wall Street Journal Amazon is being investigated due to allegations that some of its staff members have been leaking consumer and company data in return for payment. The claims […]

A GDPR complaint has been filed by the operators of the Brave internet browser with authorities in Ireland and the UK in relation to privacy breaches caused by Google and other ad tech companies. Chief […]

Google stated its case against the CNIL (France’s data protection agency) in relation to the GDPR ‘right to be forgotten’ to the Court of Justice of the European Union (CJEU) on Tuesday 11 September. The CJEU […]

Due to a computer hack accessing credit card data approximately 380,000 customers, British Airways will likely to be the first major company to face a test, and possibly extremely high financial penalties, under the European […]

From October 3, Apple App Store rules will oblige developers will have to disclose how users’ personal data is used, safeguarded and shared under a new privacy policy. In the release posted on the App […]

A new report by cyber security company NTT Security has revealed that 66% UK senior executives admit their company does not have adequate security cover to deal with a security breach the financial impact of […]

French data regulator CNIL has issued a warning to two French data companies, Fidzup and Teemo, for adhering to the European Union’s General Data Protection Regulation. The companies in question operate as location intelligence vendors. They […]

New figures released by law firm EMW in relation to complaints received by the Information Commissioner’s Office (ICO) in the United Kingdom have revealed that the number of data protection complaints submitted to the office […]

ICANN has appealed the most recent decision made against it in the Appellate Court of Cologne. The organisation has argued that the German legal body has made a mistake in decreeing that they had not “sufficiently […]

A report from digital media company GlobalData published in July 2018, indicates that only 54% of North Americans in the global pharmaceuticals industry believe they are informed about the new European Union General Data Protection […]

Irish Telecommunications company eir has revealed that almost 37,000 of its customers have been impacted by a General Data Protection Regulation (GDPR) breach which occurred following the theft of a staff laptop. The laptop, which […]

The result of a recent study by the Reuters Institute at the University of Oxford indicates that the number of tracking cookies on EU news sites has decreased by 22% since the introduction of the […]

A recent report published by consent management platform Quantcast Choice has revealed that, for European Union (EU) domains an average consent rate over 90 percent is being experienced. The signifigance of this is further emphasized when it is […]

Hundreds of U.S. news websites have been unavailable in Europe since the May 25 introduction date of the European Union’s General Data Protection Regulation as they remain uncompliant in relation to the new legislation. Due […]

It has been revealed that a data breach at Dixons Carphone actually saw the personal data of 10 million people accessed, a much higher number than first indicated. A statement released by Dixons on Tuesday […]

Despite being hit with a $5bn EU fine and concerns in relation to the effect of the new EU General Data Protection Regulation (GDPR), Alphabet, a Google-owned company, registered a second quarter revenue of $32.7 billion, […]

Following the introduction of the European Union’s General Data Protection Regulation (GDPR) on May 25 this year, the number of daily active Facebook users in Europe dropped by 3 million people from the first quarter, […]

A FIFA player used GDPR to research all of the the data that video game producer EA held on him and discovered that he had spent $10,000 playing the game over a two-year period. The […]