8 compliance challenges facing European companies in coronavirus crisis
Due diligence, data, solvency, and supply chain management risks are just some of the issues Europe’s employers are struggling with as normal business has come to a standstill during the coronavirus pandemic.
Confusion around GDPR during coronavirus prompts EDPB response
The European Data Protection Board has released a statement attempting to clarify how personal data can be processed by companies during the ongoing coronavirus pandemic.
Advice for European compliance officers dealing with coronavirus
Although the coronavirus situation is constantly changing, lawyers say there are several areas of corporate life that are going to test compliance officers and which management will need greater assurance on.
EDPB chair: Processing personal data in the context of coronavirus
The chair of the European Data Protection Board addresses things companies need to consider as they process different types of personal data in the context of the coronavirus.
Swedish watchdog fines Google $7.6M for GDPR non-compliance
Google has received its second fine to date for violating Europe’s General Data Protection Regulation; Sweden’s Data Protection Authority fined the internet giant 75 million Swedish Kroner (U.S. $7.6 million).
Virgin Media could face GDPR pressure after data breach
Virgin Media is likely to be in the GDPR crosshairs after disclosing a recent breach that affected approximately 900,000 customers to the U.K.’s data regulator.
Ireland GDPR caseload nearly doubled in 2019
The Irish Data Protection Commission received 7,215 complaints during the first full year the General Data Protection Regulation was in force, representing a 75 percent increase on 2018’s figures of just over 4,000.
Ireland raid over privacy concerns jilts Facebook Dating
Facebook wants to play Cupid in Europe, but the Irish Data Protection Commission got its arrow in the tech giant first.
Experts weigh in on Brexit consequences for GDPR, AML, more
The wheels to the United Kingdom’s exit from the European Union are finally in motion, but the hard work still remains as to what kind of future trading relationship the country has with the single market.
Ireland probing Google, Tinder for GDPR violations
Ireland’s data regulator has announced new investigations into Google and MTCH Technology Services—the company behind dating app Tinder—over complaints users’ personal data is being misused in violation of the GDPR.
Germany’s dual approach to data regulation under the GDPR
Germany is staying ahead of the game with an advanced crackdown on data privacy and competition law violations.
Study expects GDPR fines to rise in 2020
DLA Piper’s latest data breach survey suggests the penalties handed out under the General Data Protection Regulation thus far are not as harsh as they could have been—though that could change in 2020.
e-Book: Firms face mounting pressure from GDPR
More firms have been stymied by the General Data Protection Regulation.
App firms, adtech industry in firing line over possible GDPR violations
The Norwegian Consumer Council, a consumer rights champion, has uncovered a serious no-no in the world of GDPR: popular apps sharing user data, such as religious beliefs and sexual preferences, to advertising and marketing firms in order to drive their own revenue.
ICO hands out first GDPR fine as BA, Marriott cases linger
The U.K. Information Commissioner’s Office has levied its first fine under the GDPR against a London-based pharmacy. Record-setting penalties announced by the ICO in July against British Airways and Marriott are still not finalized.
Top EU advisor: Clauses used for EU-U.S. data transfers ‘valid’
Big Tech can breathe a sigh of a relief that the mechanisms it uses to transfer data outside of the European Union to “third countries” provide sufficient privacy protection, according to a key advisor to the EU’s top court.
1 & 1 Telecom fined $10.6M for GDPR violations; company fights back
A German federal privacy watchdog has fined 1 & 1 Telecom €9.55 million (U.S. $10.6 million) for violations of the EU’s General Data Protection Regulation, but the company says it won’t accept the penalty.
Privacy warfare: Competitors, consumers pose new risks
With a new wave of privacy laws empowering consumers to police their own data, companies are facing increased risk in areas they might not have considered.
Regulators sympathetic to GDPR growing pains but expect maturity
Officials from a pair of EU data privacy sanctioning bodies stressed importance of data protection officers and good-faith efforts to comply with GDPR.
Ireland vs. Big Tech: The wait continues
It’s been 18 months since the General Data Protection Regulation went into effect, and still no violations have come out of Ireland. Is the Emerald Isle dragging its feet? CW Editor in Chief Dave Lefort attempts to answer that question.
Best practices for choosing the right data privacy software
Don’t expect a plug-and-play technology solution to this complex new problem.
Microsoft updates cloud contract privacy amid EDPS probe
Microsoft has updated the privacy provisions of its commercial cloud contracts amid a European Data Protection Supervisor investigation that revealed “serious concerns” in its preliminary findings.
From sea to shining CCPA: Microsoft to extend privacy law across U.S.
In a blog post this week, Microsoft announced its intention to extend the core rights of the upcoming California Consumer Privacy Act to its customers across the United States.
Mistrust mars Google’s acquisition of Fitbit
Fear and frustration were prevalent among Fitbit owners after its pending acquisition by Google was announced. Given the tech giant’s recent privacy lapses, it’s tough to blame them.
Seven takeaways: Privacy, Big Tech in spotlight at ICDPPC
The International Conference of Data Protection and Privacy Commissioners offered varying perspectives on the latest in data privacy and technology from the likes of regulators, experts, and campaigners.
Microsoft president: Tech companies must embrace privacy regs
At a recent data privacy event, Microsoft’s president and chief legal officer discussed the evolution of data protection rules and how new technology needs to better align with privacy regulation.
Survey highlights pain points of GDPR implementation
Most organizations failed to meet the May 2018 deadline to comply with the launch of the EU’s tough new privacy rules, and the majority of them still find compliance a challenge, according to a recent survey.
Microsoft facing GDPR probe in Ireland
The Dutch Data Protection Agency has referred Microsoft to its home EU regulator in Ireland regarding new privacy concerns with its Windows 10 operating system.
European Data Protection Supervisor head Giovanni Buttarelli passes away
European Data Protection Supervisor Giovanni Buttarelli has passed away, his office announced in a statement Wednesday. He was 62.
How GDPR, CCPA impact healthcare compliance
While most healthcare organizations have pretty much nailed down their data privacy requirements for HIPAA and HITECH, new privacy mandates under the GDPR and CCPA could throw a wrench into the system.
EU assessment: GDPR showing results, but ‘work needs to continue’
The EU’s tough new data rules are “bearing fruit,” but some member states have still not put GDPR into law, and only 20 percent of EU citizens seem aware of which public authority is responsible for protecting their personal information.
GDPR enforcement varies widely by country
Most EU countries have now issued fines under the GDPR. Determining which are the toughest enforcers depends on one’s viewpoint—we lay out country-by-country look at the enforcement trends to date.
All eyes on how Ireland will handle Big Tech and GDPR
Ireland—home EU regulator to Big Tech firms including Google, Twitter, and Facebook—is the key country not to have issued a GDPR-related fine yet, though the regulator has said it has started at least 19 inquiries into the sector.
What we can learn from the biggest GDPR fines so far
Recent record-breaking fines for GDPR violations levied on British Airways and Marriott by the U.K. Information Commissioner’s Office offer a glimpse into what GDPR enforcement might look like going forward and serve up a warning to companies that data privacy protocols must be foolproof.
Marriott reveals $124M GDPR fine for data breach
Marriott has disclosed in a filing with the SEC that the U.K.’s Information Commissioner’s Office intends to fine it roughly £99 million (U.S. $124 million) for infringements of the EU’s GDPR.
British Airways faces record-setting GDPR fine of $230 million
British Airways was hit Monday with the largest penalty to date under the EU’s GDPR, a £183.39m (U.S. $230 million) fine stemming from the compromised data of nearly 500,000 customers.
French real estate company fined €400,000 for GDPR violations
France’s data watchdog CNIL levied a €400,000 (U.S. $453,000) fine on real estate services provider Sergic for failing to adequately protect the data of its Website’s users.
EDPB adopts final Codes of Conduct guidelines
European data protection authorities met on June 4 to discuss guidelines for Codes of Conduct in relation to the General Data Protection Regulation.
ICO: U.K. companies can expect large GDPR fines soon
Year 1 under the General Data Protection Regulation saw no fines handed out in the United Kingdom. Year 2 could be a much different story,
‘Context’ matters in AI decision making, says ICO
Transparency for all AI-generated decisions is not as important as context, according to new research from U.K. data regulator the Information Commissioner’s Office.
One year in, no fines yet from U.K. regulator on GDPR
A Freedom of Information Act request shows Britain’s data protection watchdog has imposed just 29 financial penalties in the last year, none of which came under the EU’s General Data Protection Regulation.
Ireland investigates Google over GDPR
The Irish Data Protection Commission is investigating whether Google’s online Ad Exchange violated General Data Protection Regulation provisions.
Happy birthday, GDPR: A look back at Year 1
As the EU’s General Data Protection Regulation celebrates its first “birthday,” an expert panel met at Compliance Week 2019 to share their experiences in prepping, implementing, and following up.