News

Senior Brazilian court confirms non-material damages proof burden

Brazil’s Supreme Court of Justice has confirmed that non-material damages following personal data leaks must be proven for compensation, a decision expected to reduce the number of data breach lawsuits.

20 March 2023

New SEC cybersecurity requirements: US Privacy and Cybersecurity Alerts 20 March 2023

The SEC suggests new cybersecurity protocols and reporting; Kentucky senators pass a data privacy bill; the FTC investigates social media companies’ advertising businesses; and TikTok’s chief executive is set to be grilled by a House committee.

20 March 2023

German government fights Facebook page ban

The German government’s press office is challenging the federal data regulator’s decision to force it to delete the government’s facebook page.

20 March 2023

Iowa lawmakers approve data privacy bill

Iowa is primed to become the sixth state to enact a data privacy law after legislators passed a privacy bill on Wednesday.

17 March 2023

Medical devices maker fined after two-month notification delay

The Norwegian regulator has fined Argon Medical Devices 2.5 million kroner for failing to report a data breach that compromised the personal data of all its European employees.

17 March 2023

DPC issues €750,000 fine against bank

The Irish regulator has fined the Bank of Ireland for a series of personal data breaches in connection with its banking app, and ordered it to introduce a range of corrective measures.

17 March 2023

Special Report: Civil society drives the GDPR

Activists are turning to litigation to force policy change. GDR tracks how NGO-led litigation is shifting the regulatory agenda and pushed the boundaries of European data protection law.

17 March 2023

Amazon faces novel New York biometric class action

A lawsuit claims Amazon’s cashier-less stores violated New York City’s year-old biometric law by collecting biometric data without consent or notice.

17 March 2023

ECJ adviser says automated credit scoring is profiling

A European Court of Justice adviser has said in two separate opinions that automated loan scoring constitutes profiling under the GDPR, regulators’ decisions are subject to judicial review, and limits apply to the retention of data from public registers by credit agencies.

16 March 2023

Easylife penalty slashed by more than 80%

The UK privacy regulator has reached an agreement with retailer Easylife, cutting a £1.35 million penalty (€1.54 million) over the company’s data processing conduct to £250,000 (€285,000).

16 March 2023

Unlock unlimited access to all Global Data Review content