- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Neil Hodge2022-08-26T17:28:00
French hotel chain Accor had its initial fine for cross-border data privacy violations increased sixfold after one data regulator involved in the decision-making process complained an original penalty of 100,000 euros (U.S. $99,900) was too low.
The company, which owns hotel chains Novotel, Ibis, and Mercure, now faces a fine of €600,000 (U.S. $599,000) after the European Data Protection Board (EDPB), the European Union’s overarching regulator for infringements of the General Data Protection Regulation (GDPR), was forced to intervene following a lack of agreement between France’s CNIL and the Polish data protection authority (DPA).
The ruling, published Aug. 17, marks the second time the EDPB has substantially increased a fine in a cross-border case. In December 2020, the regulator played part in raising the Irish Data Protection Commission’s original suggested GDPR fine against Twitter from between €135,000 and €275,000 to €450,000 (then-U.S. $547,000).
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec. Select an option and click continue.
Annual Membership $499 Value offer
Full price one year membership with auto-renewal.
Membership $599
One-year only, no auto-renewal.
Regulators and privacy experts speaking at the European Data Protection Supervisor’s conference homed in on the flaws of the General Data Protection Regulation and what improvements need to be made to ensure more consistent enforcement of the law.
Marie-Christine Vittet, vice president of compliance at hospitality chain Accor, shares with Compliance Week the company’s journey toward a global data privacy compliance program.
Ireland’s first major decision against a Big Tech company under the GDPR has stirred controversy as the country’s data regulator hit Twitter with an underwhelming €450,000 (U.S. $547,000) fine for a 2018 data breach.
Purported “testimonial and review” service Rytr agreed to stop selling its program that used artificial intelligence to create fake content as part of a consent order with the Federal Trade Commission.
Bank of America avoided a monetary penalty in agreeing to settle charges with the Treasury Department’s Office of the Comptroller of the Currency but was ordered to shore up previously disclosed deficiencies in its Bank Secrecy Act/anti-money laundering (BSA/AML) and sanctions compliance programs.
Aviation maintenance services provider AAR Corp. will pay nearly $56 million to settle charges that it violated the Foreign Corrupt Practices Act when it paid bribes to government officials in Nepal and South Africa.
