News and analysis for the well-informed compliance or audit exec.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By Neil Hodge2023-05-12T13:51:00
A decision by Europe’s Supreme Court might make it easier for the bloc’s citizens to bring legal claims for privacy breaches—with potentially unlimited scope for damages.
On May 4, the Court of Justice of the European Union (CJEU) issued its ruling in the case of the Österreichische Post, Austria’s main postal service, which since 2017 had been using an algorithm to determine the political affinities of the country’s population—allegedly without their consent—to help with targeted mail shots during election campaigns. One citizen complained and sought 1,000 euros (U.S. $1,100) in damages.
The Austrian Supreme Court initially questioned whether the General Data Protection Regulation (GDPR) allowed compensation payments for every breach of the rules or if a certain level of “seriousness” needed to be reached first. It also wanted clarity about the size of any damages that could be imposed once these criteria had been satisfied.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
2023-05-09T13:28:00Z By Kyle Brasseur
The Croatian data protection authority handed down its largest penalty under the General Data Protection Regulation to date: a fine of nearly €2.3 million (U.S. $2.5 million) against debt collector B2 Kapital.
2023-04-24T14:05:00Z By Neil Hodge
Despite suggestions the European Union could look to the United Kingdom when considering future changes to the General Data Protection Regulation, legal experts question the impact planned U.K. reforms to the privacy law will have on multinational businesses.
2023-02-28T13:00:00Z By Neil Hodge
Experian won a legal battle against the U.K. Information Commissioner’s Office after the data regulator ordered the credit reference agency to make “fundamental changes” over the way it handled personal data for direct marketing purposes or stop altogether.
2024-06-24T21:02:00Z By Jeff Dale
Facial recognition company Clearview AI reached a preliminary settlement in a class action lawsuit alleging it violated the Illinois Biometric Privacy Act, with the company agreeing to compensate victims with stake in the company.
2024-05-02T14:57:00Z By Neil Hodge
The General Data Protection Regulation has been in force for nearly six years. Some industries—and some companies—have been more prone to fall foul of the rules than others.
2024-04-19T19:16:00Z By Neil Hodge
Big Tech firms might need to rethink their plans to charge users for not selling their personal data for behavioral advertising following a decision by Europe’s primary data regulator.
Site powered by Webvision Cloud