Enforcement

EU-wide calculator for GDPR fines in development

The European Data Protection Board is working on a tool to help authorities calculate fines for GDPR infractions, GDR has learned.

06 March 2020

Dutch tennis association to appeal regulator’s legitimate interest snub

A Dutch tennis association is fighting a fine levied for what it perceives as an overly strict interpretation of the GDPR's legitimate interests provision by the country's data watchdog.

04 March 2020

AT&T plaintiff counsel joins criticism of FCC’s $200m fine

A lawyer for plaintiffs suing AT&T over the alleged mishandling of consumer location data has added to criticism of the US Federal Communications Commission, labelling its recent fine “inadequate” and suggesting the enforcement demonstrates the need for a private right of action.

04 March 2020

Cathay Pacific accepts ICO data breach decision

Cathay Pacific will not contest the UK data watchdog’s decision to impose the maximum possible pre-GDPR fine against it, in the wake of a security breach that affected millions of data subjects worldwide.

04 March 2020

GDPR enforcement roundup: Polish appeal, Vodafone Spain, hefty Dutch fine

Three recent GDPR decisions across the EU – one in an appeal court and two by enforcers – show the continuing evolution of the law, the varying severity of fines levied and the pushback from companies against regulators. GDR rounds up the stories here.

03 March 2020

Telecoms companies face $200m location data fine

The US Federal Communications Commission plans to fine four major wireless carriers more than $200 million for mishandling consumer location data – but the enforcement action has drawn dissent from two FCC commissioners, and at least one company plans to dispute the penalty.

02 March 2020

IT outsourcer caught out after data acquisition

A Danish outsourcer has fallen foul of the country’s data regulator after it failed to secure personal information it acquired as part of a merger.

02 March 2020

Analysis: The GDPR in numbers

GDR has analysed recently-released figures from the European Data Protection Board in an attempt to help tell the story of the GDPR's success so far. The numbers look at enforcers' resources compared to their caseload, the powers they have used, and how they plan to ramp up their budgets in 2020.

27 February 2020

Prosecutors shut down Brazilian data broker

Brazilian authorities have cancelled the domain name of BaseUp as part of an investigation into the company for allegedly selling the personal data of more than 10 million people.

25 February 2020

Amazon faces GDPR investigations over lack of message encryption

Max Schrems’ NGO has told regulators that Amazon has failed to implement basic data protection measures for its Marketplace email operations, potentially exposing the IP addresses, email addresses and names of millions of users.

24 February 2020

Get unlimited access to all Global Data Review content