compliance

Meta Hit by Record GDPR Fine

Meta Hit by Record GDPR Fine Facebook’s parent company is no stranger to fines under European data protection laws, having been served fines of up to €265 million over the last few years. A lot of money, but some have said that to Facebook, it’s a drop in the ocean. The latest fine to be levied against the social media giant is enough to quash those complaints, €1.2 billion times over.

Continue reading

Meta Gets Yet Another GDPR Fine

Meta Fined by GDPR Watchdog - Again Facebook’s owner has been fined €265 million by the Irish Data Protection Commission after a breach resulted in the details of more than 500 million users being published online. The Data Protection Commission (DPC) said Meta had infringed two articles of the EU’s data protection laws after details of Facebook users from around the world were “scraped” from public profiles in 2018 and 2019.

Continue reading

UK to Replace GDPR

A UK-Specific Data Protection Framework? The British government announced at the 2022 Conservative party conference at ICC Birmingham that it will replace the General Data Protection Regulation with a new British data protection system. Culture secretary Michelle Donelan said the change is being made as the current EU GDPR is “limiting the potential of our businesses” and that the system will be more “business and consumer friendly”. She went on to say:

Continue reading

Volkswagen Fined by Lower Saxony DPA

Volkswagen Fined €1,100,000 For Silly Mistakes A third-part hired by Volkswagen conducted some vehicle test-drives for them. Volkswagen were the data controller, the third-party were their data processor. The vehicles in question were testing anew type of driver-assist. Specifically, the system used video input to robotic vision units to monitor what the traffic around the car, so that it could gauge whether corrective action needed to be taken. The vehicle was driven across the border into Austria, and was stopped by police near Salzburg.

Continue reading

Right to Erasure

Actually, It’s the Right to Request Erasure The Belgian Data Protection Authority have upheld the rights of a media publisher, De Tijd, to refuse a data subject’s request for erasure. The item in question is a news article in the De Tijd’s online archive. The DPA said that in this case the publisher’s right to freedom of expression and information took precedence. Background The data subject was the former owner of an electric scooter business.

Continue reading

Restored Data Leads to Fine

Restoring a Laptop From a Backup Leads to €7500 Fine The Belgian DPA has issued a €7500 fine against a company for restoring personal data onto a company laptop. The data belonged to a former employee. After their termination from the company the ex-employee wiped his personal data from the computer. He said he had deleted his personal mailbox. The company say he wiped the entire laptop. Either way, the company restored the laptop from a backup, which restored the former employee’s personal data along with everything else.

Continue reading

Google Fonts Break GDPR!

Using Google Fonts on Websites Breaks GDPR A ruling on Jan. 20, 2022 by the Germany’s Landgericht München’s third civil chamber in Munich found the website owner to be in breach of the GDPR. Websites are able to make use of fonts provided by Google. Google makes these fonts available because they provide another string to its data collecting bow. When a person visits the website, the font is downloaded to their computer from Google so that the website is rendered accurately and as intended, with the correct typefaces.

Continue reading

Individual Fined Under GDPR

Austrian Data Protection Authority Fines Individual for Data Breach The Austrian Data Protection Authority, the Österreichische Datenschutzbehörde (DSB), has issued a fine to an individual under GDPR law. The fine is €600.00. If it is irrecoverable, the individual will face 36 hours imprisonment. The facts of the case revolve around two individuals, person A, a kindergarten teacher, (the victim) and person B (the offender). Person A took sick leave in 2013 and 2014.

Continue reading

New Artificial Intelligence Regulations On the Horizon

The Need for Legislation Software vendors and technology manufacturers seem to be racing each other to include AI in their products. Service providers, social media platforms, and online shopping giants all use AI too. Amazon uses AI to suggest products to you based on your purchase, search, and viewing history. YouTube does something similar to compile video suggestions for you. AI also touches our lives in more subtle, behind-the-scenes, ways.

Continue reading

UK EU Adequacy Decision Accepted

UK EU Adequacy Decision Accepted On the June 17, 2021 the EU countries voted on the adequacy decision for the UK. The item in question—the bit that’s either adequate or not—is the UK’s data protection framework. The data protection framework of a non-EU country has to be ratified by the EU before personally identifiable information is permitted to be sent from the EU to that country. Basically, the data protection framework in the non-EU country must be as thorough as the GDPR, and the personally identifying information must be protected and safeguarded just as comprehensively as if it were being processed in a EU country.

Continue reading