News

Brazil’s Supreme Court of Justice has confirmed that non-material damages following personal data leaks must be proven for compensation, a decision expected to reduce the number of data breach lawsuits.

20 March 2023

The SEC suggests new cybersecurity protocols and reporting; Kentucky senators pass a data privacy bill; the FTC investigates social media companies’ advertising businesses; and TikTok’s chief executive is set to be grilled by a House committee.

20 March 2023

The German government’s press office is challenging the federal data regulator’s decision to force it to delete the government’s facebook page.

20 March 2023

Iowa is primed to become the sixth state to enact a data privacy law after legislators passed a privacy bill on Wednesday.

17 March 2023

The Norwegian regulator has fined Argon Medical Devices 2.5 million kroner for failing to report a data breach that compromised the personal data of all its European employees.

17 March 2023

The Irish regulator has fined the Bank of Ireland for a series of personal data breaches in connection with its banking app, and ordered it to introduce a range of corrective measures.

17 March 2023

Activists are turning to litigation to force policy change. GDR tracks how NGO-led litigation is shifting the regulatory agenda and pushed the boundaries of European data protection law.

17 March 2023

A lawsuit claims Amazon’s cashier-less stores violated New York City’s year-old biometric law by collecting biometric data without consent or notice.

17 March 2023

A European Court of Justice adviser has said in two separate opinions that automated loan scoring constitutes profiling under the GDPR, regulators’ decisions are subject to judicial review, and limits apply to the retention of data from public registers by credit agencies.

16 March 2023

The UK privacy regulator has reached an agreement with retailer Easylife, cutting a £1.35 million penalty (€1.54 million) over the company’s data processing conduct to £250,000 (€285,000).

16 March 2023