Data privacy

Italy fines Uber €4 million

Italy’s data protection regulator has found that Uber provided inadequate privacy notices to both drivers and riders, and failed to obtain the necessary consent to carry out scoring for fraud risk.

20 May 2022

TalkTalk says data breach litigation claimants conducting a “classic fishing expedition”

Counsel to TalkTalk has said that allowing parts of a data breach case against it to proceed would amount to “pure heresy in the face of all the jurisprudence”, following the claimants’ application for information about possible data breaches.

19 May 2022

Google slapped with €10 million GDPR fine

Spain’s data watchdog has issued its highest fine to date after finding that Google unlawfully transferred personal data to a US database.

18 May 2022

Report finds GDPR used to effectively regulate automated decision-making

The GDPR is being used to regulate increasingly complex cases involving automated decision-making and similar technologies, according to a new report that examined more than 70 decisions, opinions and guiding documents.

17 May 2022

Spanish data watchdog expands surveillance footage retention rules

The Spanish data regulator has found that an individual’s right of access to video surveillance footage in the context of a damages claim outweighed a supermarket’s obligation under national data laws to delete the data within one month.

17 May 2022

EDPB clarifies GDPR fine regime

The European Data Protection Board’s much-anticipated GDPR fining calculator is designed to harmonise diverging approaches to penalties across Europe.

16 May 2022

DPA dropped from Google/DeepMind claim

A new representative action against Google and subsidiary DeepMind for their use of UK National Health Service data is being pleaded on the basis of misuse of private information, after a similar lawsuit brought under the Data Protection Act was discontinued.

16 May 2022

Bifurcated class actions might not be a Lloyd v Google fix

A procedure that might avoid some of the issues in Lloyd v Google might not be workable for litigation funders, a defence-side solicitor and a litigation funder have agreed.

13 May 2022

Experts call for cross-border harmonisation of APAC data laws

APAC countries should seek to find common ground and set a floor for data regulations as they bolster their own frameworks, a GDR conference has heard.

12 May 2022

Data regulators seek greater role in digital rules - CNIL report

European data watchdogs are suggesting they should be designated as national supervisory authorities for both the DGA and the AI Act according to the French regulator’s 2021 annual report, which also covered the CNIL’s approach to cookies and penalties.

12 May 2022

Unlock unlimited access to all Global Data Review content