Clearview agrees to stop private sector database access

Clearview AI will no longer allow private entities and individuals to purchase or use its facial vectors database as part of a settlement.

12 May 2022

EU court rejects anti-fraud office lawsuit

The General Court has rejected a lawsuit that claimed the European anti-fraud office had breached data protection rules for EU institutions by issuing a press release about an investigation involving the claimant.

10 May 2022

Rare Marriott class certification involved novel damages theory

The recent certification of a class pursuing Marriott and Accenture over a high-profile data breach has potentially cleared a path to demonstrating concrete damages caused by a cyberattack.

10 May 2022

Dutch ombudsman rejects money mule data deletion request

The Dutch financial services ombudsman has ruled that banks are permitted to keep the personal data of fraudulent customers, albeit for a shorter time than for other instances of personal data storage.

09 May 2022

Court upholds Spanish football league GDPR fine

Spain’s national high court has confirmed the data regulator’s €250,000 fine against La Liga for recording audio to combat piracy without proper user consent, after the company appealed the watchdog's decision.

09 May 2022

Judge certifies Marriott and Accenture data breach class

A Maryland-consolidated federal class action pursuing damages linked to the 2018 Marriott data breach has been greenlit, with a judge agreeing with the claimants’ formula for valuing affected personal data.

05 May 2022

Judge sides with regulator in financial services cybersecurity case

Australia’s federal court has found RI Advice failed to ensure adequate cybersecurity measures across its authorised representatives, in a landmark case shedding light on cybersecurity requirements for financial service licensees.

05 May 2022

New Google/DeepMind action filed

Google and subsidiary DeepMind are facing a new UK privacy lawsuit, three months after the same claimant’s previous class action over the companies’ use of UK National Health Service data was pulled.

29 April 2022

Advocate general says controllers should inform third parties of deletion requests

An advocate general of the European Court of Justice has said that data controllers which receive a request for deletion of an individual’s data are obliged to pass that request along to third party controllers.

28 April 2022

ECJ confirms GDPR consumer protection litigation right

The highest EU court has ruled that consumer groups have the right to launch data protection lawsuits, in a move that could bolster GDPR representative actions across the bloc.

28 April 2022

Get unlimited access to all Global Data Review content