All General Data Protection Regulation articles
-
News BriefCzech DPA fines Avast $15M over GDPR violations
The Czech Republic’s data protection authority issued a fine of 351 million Czech koruna (U.S. $15 million) against antivirus software vendor Avast for alleged violations of the General Data Protection Regulation.
-
PremiumEDPB decision sparks ‘consent or pay’ debate for Big Tech firms
Big Tech firms might need to rethink their plans to charge users for not selling their personal data for behavioral advertising following a decision by Europe’s primary data regulator.
-
PremiumFocused on consumer privacy? Don’t forget employees’ rights
The implications of a privacy rights case involving a U.K.-based Uber Eats driver underscore a popular belief that companies prioritize protecting the personal information of their customers over the data rights of their employees.
-
OpinionNew leadership no easy fix for Irish DPC’s GDPR woes
The Irish Data Protection Commission has a new leadership structure, but it is uncertain whether the changes can get the key privacy regulator caught up on enforcement of the General Data Protection Regulation.
-
PremiumICO primed for enforcement increase behind new fining guidance?
The Information Commissioner’s Office updated its data protection fining guidance to provide companies with greater transparency and clarity about how and why it would issue penalties for a breach of the U.K. General Data Protection Regulation or Data Protection Act 2018.
-
PremiumPrivacy by design a silver bullet for stemming AI risks?
The proliferation of artificial intelligence technologies—and their reliance on publicly available data—has reinforced the need for tech developers and the companies using their solutions to ensure privacy by design and by default is at the crux of any offering.
-
News BriefItalian DPA fines UniCredit $3M over data breach GDPR lapses
The Italian data protection authority announced a fine of €2.8 million (U.S. $3 million) against UniCredit for alleged violations of the General Data Protection Regulation regarding insufficient security measures the bank had in place during a cyberattack.
-
PremiumPublic consultation on GDPR opens door for changes
Feedback from a European Commission consultation on the six years of enforcement of the General Data Protection Regulation could result in tweaks to the rules and potential changes to the way data protection authorities enforce them.
-
PremiumToeing the ‘fine line’ of cloud security compliance
When organizations move their data or operations to the cloud, the compliance team has their work cut out and then some, experts discussed at CW’s Cyber Risk & Data Privacy Summit.
-
PremiumThe blurred lines of employee monitoring under GDPR
The French data regulator’s fine against an Amazon warehouse manager for violating employees’ rights to privacy in the workplace once again raises questions about what constitutes an overzealous approach to employee monitoring and why companies fail to recognize the signs.
-
PremiumExamining precedent set by French DPA’s Amazon employee monitoring fine
The decision by France’s data regulator to fine an Amazon warehouse manager for breaches of the General Data Protection Regulation over the way it monitored employee productivity raises questions about the reach data protection authorities have over corporate conduct.
-
News BriefUber facing $11M fine over driver privacy rights violations
Ride-hailing company Uber Technologies was assessed a penalty of €10 million (U.S. $11 million) by the Dutch Data Protection Authority for alleged privacy rights violations regarding the handling of European drivers’ personal data.
-
PremiumMeta’s ‘pay or consent’ model to force GDPR to adapt?
Experts weigh in on Meta’s plans to charge EU users monthly if they do not want to be tracked for online advertising and what the ramifications of the model would mean for the future of the General Data Protection Regulation.
-
News BriefAmazon unit fined $35M under GDPR for employee productivity tracking
Amazon’s warehouse management arm in France was assessed a penalty of €32 million (U.S. $35 million) for violating the General Data Protection Regulation by excessively tracking the productivity of employees.
-
News BriefGDPR-minded Microsoft offers cloud customers EU-based personal data storage
Microsoft announced an expansion to its European Union data storage efforts that would allow cloud customers to keep all personal data stored within the EU boundary.
-
PremiumEthical compliance for facial recognition technology
The lack of clear regulations and guidelines for the ethical use of facial recognition technology further exacerbates concerns of discriminatory practices and potential infringements on human rights.
-
PremiumShades of GDPR? Experts assess AI Act as global standard
As the European Union’s AI Act sets its sights on 2026 to take full effect, experts are concerned other key jurisdictions might introduce divergent legislation that treats artificial intelligence use differently, thus making it difficult for companies to ensure compliance.
-
PremiumAssessing impact of court ruling on GDPR strict liability
The idea companies can be held “strictly liable” for violations of the European Union’s privacy rules was shot down, following a judgment from Europe’s top court relating to a case involving German property company Deutsche Wohnen.
-
PremiumExperts: More privacy rules, enforcement expected in 2024
Businesses can prepare for a bumpy ride as the 2024 global landscape of data privacy and other related laws and regulations begins to take shape.
-
News BriefDeutsche Wohnen earns CJEU win in high-profile GDPR appeal
German property company Deutsche Wohnen’s court win regarding a penalty levied against it for alleged violations of the General Data Protection Regulation carries notable ramifications for enforcement of the EU privacy law.