News and analysis for the well-informed compliance or audit exec.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By Neil Hodge2023-02-28T13:00:00
Experian won a legal battle against the U.K. Information Commissioner’s Office (ICO) after the data regulator ordered the credit reference agency to make “fundamental changes” over the way it handled personal data for direct marketing purposes or stop altogether.
In October 2020, following a two-year investigation, the ICO issued Experian an enforcement notice—rather than a fine—for breaching the European Union’s General Data Protection Regulation (GDPR) by processing and selling personal data for postal and telephone marketing campaigns without people’s knowledge or consent.
Through its direct marketing arm, Experian acquired personal data on people from a mix of publicly available sources like the electoral register, other data suppliers, and its own credit reference business, according to the ICO. Rather than try to gain consumers’ consent, Experian allegedly relied on the concept of “legitimate interest” to use personal data to build a profile on around 50 million adults, which it then sold to third parties to help target marketing promotions more effectively.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
2023-10-12T19:34:00Z By Kyle Brasseur
Credit reporting agency TransUnion agreed to pay $23 million total across settlements with the Consumer Financial Protection Bureau and Federal Trade Commission for alleged tenant screening and security freeze deficiencies.
2023-05-12T13:51:00Z By Neil Hodge
A decision by Europe’s Supreme Court regarding Austria’s main postal service might make it easier for the bloc’s citizens to bring legal claims for privacy breaches—with potentially unlimited scope for damages.
2023-03-08T13:00:00Z By Neil Hodge
The U.K. Information Commissioner’s Office began publishing the details of cases where organizations breached the General Data Protection Regulation but were not fined. Legal experts share their take on the initiative.
2024-07-02T20:35:00Z By Adrianne Appel
Three former executives of Chicago-based Outcome Health, a healthcare technology company, were sentenced for misleading an auditor, clients, lenders, and investors about a scheme to sell $45 million in overbilled advertisements.
2024-07-02T14:42:00Z By Adrianne Appel
A home health company operating in Indiana, Ohio, and Texas agreed to pay nearly $4.5 million to settle allegations it filed false claims by giving sports tickets and other kickbacks to assisted living facilities in exchange for referrals.
2024-07-02T13:50:00Z By Aaron Nicodemus
Crypto-friendly Silvergate Bank will pay a total of $63 million penalties to California and the Federal Reserve Board to settle charges that its anti-money laundering program failed to properly monitor more than $1 trillion worth of customer transactions.
Site powered by Webvision Cloud