Topic: Enforcement

Canadian court sides with Amazon in PIPEDA case

A Canadian judge has dismissed an application by an individual invoking federal privacy law to access personal information on her held by Amazon, saying this same law prevents Amazon from disclosing the information.

08 February 2023

New York spyware seller fined

New York’s attorney general has fined a spyware producer $410,000 and ordered it to carry out a series of remedial measures.

06 February 2023

$1.5 million GoodRx fine is FTC’s first Health Breach Notification Rule action

GoodRx has agreed to pay a $1.5 million civil penalty for allegedly sharing consumers’ data without their permission, in the first enforcement of the FTC’s Health Breach Notification Rule.

02 February 2023

ICO confirms end of 24-hour PECR data breach notification deadline

Days after appearing to backtrack on a commitment to stop enforcing a 24-hour data breach regime applying to communication providers, the UK data regulator has confirmed that it now expects low-risk PECR data notifications to be filed within 72 hours.

02 February 2023

Meta SCC decision referred to EDPB

The Irish Data Protection Commissioner’s investigation into Meta’s use of standard contractual clauses has been referred to the EDPB after member states were unable to find a consensus under the one-stop-shop mechanism.

27 January 2023

Home Depot sharing e-receipts with Meta deemed illegal

Canada’s federal privacy commissioner has warned that practices such as Home Depot’s sharing of e-receipts without obtaining consent could be widespread across various organisations.

26 January 2023

ICO data breach reporting backtrack

Communication service providers must continue to report data breaches within 24 hours, the ICO has said, despite saying a few days ago that it would cease enforcing the requirement.

26 January 2023

Reasoning behind EDPB order to expand WhatsApp inquiry revealed

Objections from Finland, France and Italy drove the EDPB’s order to the Irish Data Protection Commissioner to expand its investigation into WhatsApp.

25 January 2023

Spanish location data decision struck down

A Spanish court has annulled a regulatory decision that backed a telecommunications company’s refusal to provide a data subject with their location data – in an appeal that the regulator declined to resist.

25 January 2023

Belgium opens the door to third party appeals

Belgium’s Constitutional Court has ruled that interested third parties can challenge decisions by the Belgian data watchdog, in a move that could increase pressure on the regulator from NGOs and competitors dissatisfied with investigative outcomes.

25 January 2023

Unlock unlimited access to all Global Data Review content