All GDPR articles
-
News BriefIrish DPC fines LinkedIn $335M over GDPR violations related to targeted advertising
The Irish Data Protection Commission fined Microsoft-owned LinkedIn 310 million euros (U.S. $335 million) over violations of the European Union’s General Data Protection Regulation related to the social media company’s data processing and targeted advertising.
-
PremiumPace of innovation will make EU AI Act hard to enforce, experts say
Concerns about how robustly European member states may enforce the EU AI Act, which took effect on Aug. 1, are divided between if regulators will take a “light touch” approach or a sledgehammer for noncompliance. One thing’s for sure, the pace of AI innovation will make enforcement very difficult.
-
EventPhoto gallery: Compliance Week Europe 2024
Compliance Week Europe, held Oct. 15-16 in Amsterdam in partnership with our sister organization the Internation Compliance Association, gathered more than 200 GRC professionals across industries. Check out some of the sights from the event.
-
PremiumControl and delete: How regulators can shutdown companies’ AI investments
Companies are increasingly putting their faith in AI to realize the kind of business benefits that the technology seems to promise, but they are also opening themselves up to new and potentially crippling sanctions if they are unable to answer questions that surround how AI operates.
-
News BriefIrish DPC fines Meta $102M over GDPR violation linked to improper storage of passwords
The Irish Data Protection Commission fined Meta Ireland 91 million euros (U.S. $102 million) for multiple violations of the European Union’s General Data Protection Regulation related to the inadvertent storage of user passwords without encryption.
-
PremiumAI misuse could lead to sanctions from multiple regulators, experts warn
The proliferation of AI, as well as the promised business cases promoting its use, has led companies around the world to quickly invest in the technology. Executives hope these AI tools will improve efficiencies, reduce costs, and help them stay competitive. But it could lead to just the opposite.
-
PremiumClearview AI’s GDPR fines rise to $110M total after latest penalty by Dutch DPA
Clearview AI was fined 30.5 million euro (U.S. $33.8 million) by the Dutch Data Protection Authority and ordered to stop collecting images of Dutch citizens in the latest enforcement action against the U.S. company.
-
News BriefDutch DPA fines Uber $324M over transferring driver data to U.S.
The Dutch Data Protection Authority fined Uber 290 million euros (U.S. $323.7 million) for illegally transferring data on European drivers to American servers and failing to appropriately safeguard the transfers.
-
News BriefSpanish DPA dings retailer Uniqlo $294K over GDPR violations
Spain’s data protection authority fined retailer Uniqlo Europe 270,000 euros (U.S. $294,000) over admitted violations of the European Union’s General Data Protection Regulation.
-
PremiumWhat’s the problem for GDPR repeat offenders?
The General Data Protection Regulation has been in force for nearly six years. Some industries—and some companies—have been more prone to fall foul of the rules than others.
-
News BriefCzech DPA fines Avast $15M over GDPR violations
The Czech Republic’s data protection authority issued a fine of 351 million Czech koruna (U.S. $15 million) against antivirus software vendor Avast for alleged violations of the General Data Protection Regulation.
-
PremiumEDPB decision sparks ‘consent or pay’ debate for Big Tech firms
Big Tech firms might need to rethink their plans to charge users for not selling their personal data for behavioral advertising following a decision by Europe’s primary data regulator.
-
PremiumFocused on consumer privacy? Don’t forget employees’ rights
The implications of a privacy rights case involving a U.K.-based Uber Eats driver underscore a popular belief that companies prioritize protecting the personal information of their customers over the data rights of their employees.
-
OpinionNew leadership no easy fix for Irish DPC’s GDPR woes
The Irish Data Protection Commission has a new leadership structure, but it is uncertain whether the changes can get the key privacy regulator caught up on enforcement of the General Data Protection Regulation.
-
PremiumICO primed for enforcement increase behind new fining guidance?
The Information Commissioner’s Office updated its data protection fining guidance to provide companies with greater transparency and clarity about how and why it would issue penalties for a breach of the U.K. General Data Protection Regulation or Data Protection Act 2018.
-
PremiumPrivacy by design a silver bullet for stemming AI risks?
The proliferation of artificial intelligence technologies—and their reliance on publicly available data—has reinforced the need for tech developers and the companies using their solutions to ensure privacy by design and by default is at the crux of any offering.
-
News BriefItalian DPA fines UniCredit $3M over data breach GDPR lapses
The Italian data protection authority announced a fine of €2.8 million (U.S. $3 million) against UniCredit for alleged violations of the General Data Protection Regulation regarding insufficient security measures the bank had in place during a cyberattack.
-
PremiumPublic consultation on GDPR opens door for changes
Feedback from a European Commission consultation on the six years of enforcement of the General Data Protection Regulation could result in tweaks to the rules and potential changes to the way data protection authorities enforce them.
-
PremiumToeing the ‘fine line’ of cloud security compliance
When organizations move their data or operations to the cloud, the compliance team has their work cut out and then some, experts discussed at CW’s Cyber Risk & Data Privacy Summit.
-
PremiumThe blurred lines of employee monitoring under GDPR
The French data regulator’s fine against an Amazon warehouse manager for violating employees’ rights to privacy in the workplace once again raises questions about what constitutes an overzealous approach to employee monitoring and why companies fail to recognize the signs.