Google was ordered to pay 60 million Australian dollars (U.S. $42 million) to resolve charges levied by Australia’s competition regulator it misled its Australian customers about how to opt out from the collection of their personal location data.
Data Privacy
Posted inData Privacy
FTC seeks to expand authority on data breaches, commercial surveillance
The Federal Trade Commission is seeking comment on potential rules that would penalize companies that suffer data breaches due to lax cybersecurity protocols and punish firms that engage in abusive commercial surveillance practices.
Posted inEurope
Adtech firm Criteo facing $61M GDPR fine in France
Adtech firm Criteo faces a proposed fine of €60 million (U.S. $61.4 million) from France’s data protection authority for noncompliance with the European Union’s General Data Protection Regulation.
Posted inData Privacy
Proposed NIST cybersecurity guide incorporates HIPAA Security Rule
The National Institute of Standards and Technology is seeking comment on proposed guidance intended to help healthcare organizations that fall under the regulatory umbrella of the Health Insurance Portability and Accountability Act’s Security Rule.
Posted inEurope
One year later, Amazon GDPR fine details remain clouded
It’s been one year since online retailer Amazon announced it was on the receiving end of a record €746 million (U.S. $758 million) fine under the General Data Protection Regulation, but details about the decision—as well as the actual complaint—remain sketchy.
Posted inEurope
Volkswagen fined $1.1M under GDPR for unauthorized data collection
Volkswagen has agreed to pay €1.1 million (U.S. $1.1 million) to resolve allegations of violating the General Data Protection Regulation when a camera on one of its test vehicles recorded nearby drivers without their knowledge.
Posted inEurope
EDPB adopts criteria for GDPR cross-border cooperation cases
The European Data Protection Board adopted a set of criteria to assess whether a cross-border matter might qualify as a case of “strategic importance” for closer cooperation—and how to proceed if it does.
Posted inEurope
Clearview AI fined third time for GDPR violations
The Hellenic Data Protection Authority in Greece fined controversial facial image aggregator Clearview AI a record €20 million (U.S. $19.9 million) for unlawfully processing the biometric data of Greek citizens.
Posted inEurope
EDPS: U.K. GDPR reforms could create friction with EU
The United Kingdom’s keenness to agree to its own data adequacy decisions with countries like the United States could become a contentious issue with the European Union, according to European Data Protection Supervisor Wojciech Wiewiórowski.
Posted inEurope
Facebook fate in EU thrusts transatlantic data flows back in spotlight
Reports of a potential shutdown of Meta services Facebook and Instagram in the European Union that could take place as soon as this summer underscore what’s at stake as the region works with the United States to finalize a new agreement on how to handle transatlantic data flows.
