The European Parliament has granted Europol permission to receive and process datasets from private parties and pursue research projects for better handling of security-related cases. Use of these powers will be overseen by the European Data Protection Supervisor and the Fundamental Rights Officer.
The Dutch Data Protection Authority has imposed penalties of 3.7 million euros ($4 million) and 565,000 euros ($600,000) on the Dutch Tax and Customs Administration and the Ministry of Foreign Affairs, respectively, for violating the General Data Protection Regulation.
On Tuesday, Ireland's Data Protection Commission imposed an $18.6 million penalty on tech firm Meta. That same day, the privacy watchdog was sued by a member of the nonprofit Irish Council for Civil Liberties over its "prolonged inaction" in the Google data breach case.
Privacy regulators in Europe last year imposed known fines totaling more than $1.2 billion under the EU's General Data Protection Regulation, including two record-breaking sanctions, law firm DLA Piper finds. The total value of fines in 2021 was nearly a sevenfold increase from that seen in 2020.
In the U.S., three states now have disparate data privacy laws - and more are coming. Meanwhile, China has enacted a new law that has global enterprises scrambling. How will these and other actions shape privacy discussions in 2022? Noted attorney Lisa Sotto shares insights.
Ireland's privacy law enforcer, the Data Protection Commission, has hit WhatsApp with a 225 million euro ($266 million) fine, finding that it violated the EU's General Data Protection Regulation in part by not telling users how it was sharing their data with parent company Facebook.
The U.K. is preparing to revamp the country's data protection and privacy laws as a way to spur economic growth and innovation in its post-Brexit economy, according to government officials. While some British politicians see opportunity, privacy experts worry about moving away from EU standards.
Phishing, ransomware and unauthorized access remain the leading causes of personal data breaches as well as violations of data protection rules, Britain's privacy watchdog reports. The U.K. government has also been caught out by breaches and leaks involving military secrets and CCTV footage from a government building.
Some 3,813 breaches were reported in the first half of 2019 alone, amounting to the exposure of over 4.1 billion records, a year-on-year increase of 54% and 52% respectively.The rise in data breach volumes is undoubtedly due in part to escalating threat activity.
The challenge for organizations is in securing data...
Italy's privacy regulator has slammed two of the country's biggest online food delivery firms - Deliveroo and Foodinho - with multimillion euro fines for using algorithms that discriminated against some workers. Legal experts say it's a reminder that such algorithms must be demonstrably transparent and fair.
Amazon reports that it's been fined 746 million euros ($885 million) under the European Union's General Data Protection Regulation for violating privacy rights in its advertising program. The company says it plans to appeal.
Where were you on May 25, 2018? That was the day the EU's General Data Protection Regulation went into full effect. Three years later, some legal and privacy experts say that while the global privacy discussion and expectations have evolved, GDPR still has some growing up to do.
Criminals love to amass and sell vast quantities of user data, but not all data leaks necessarily pose a risk to users. Even so, the ease with which would-be attackers can amass user data is a reminder to organizations to lock down inappropriate access as much as possible.
How much does it cost to recover from a ransomware attack? For the Scottish Environment Protection Agency, which was hit by the Conti ransomware-wielding gang on Christmas Eve, reported cleanup costs have reached $1.1 million. SEPA is still restoring systems and has refused to pay any ransom.
The 475,000 euro fine levied against Booking.com by Dutch privacy authorities should serve as a "wake-up call" for other companies when it comes to GDPR, some experts say. The company waited more than 20 days to report the breach to officials instead of the 72-hour window required under Europe's privacy law.