Norway's privacy watchdog has proposed fining location-based dating app Grindr nearly $12 million after finding that it violated Europeans' privacy rights by sharing data with many more third parties than it had disclosed.
Privacy watchdogs in Europe have imposed fines totaling more than $330 million since the EU's General Data Protection Regulation went into full effect in May 2018, according to law firm DLA Piper. Over the past year, regulators received 121,000 data breach notifications, up 19% from the year before.
More than two years after Europe's tough new General Data Protection Regulation came into full effect, EU privacy watchdogs are finding more consensus, and consumers have been benefiting, experts say. But how regulators apply sanctions, in particular, remains a work in progress.
For the first time, a U.S. technology firm has been fined under the EU's General Data Protection Regulation. Ireland's Data Protection Commission on Tuesday hit social media giant Twitter with a $547,000 fine for failing to report and document a data breach within 72 hours, as required under GDPR.
Microsoft is revamping its controversial "productivity score" in Microsoft 365 so that individual workers can no longer be tracked. The move follows warnings by privacy advocates that the feature was a step too far into the realm of workplace surveillance.
Warning to workers: Your productivity tools may also be tracking your workplace productivity, and your bosses may not even know it. But as more workplace surveillance capabilities appear, legal experts warn that organizations must ensure their tools do not violate employees' privacy rights.
European lawmakers are once again considering encryption policies and attempting to strike a balance between the privacy and security afforded by strong encryption and law enforcement's needs. But with encryption being a cornerstone of the internet, is there any new balance to be struck?
Small and midsize enterprises must avoid assuming they won't be targeted for cyberattacks and ensure they're taking adequate security precautions, says Emma Philpott of the consultancy IASME Consortium Ltd., who offers insights on essential steps.
Ticketmaster UK has been fined $1.7 million by Britain's privacy watchdog for its "serious failure" to comply with the EU's General Data Protection Regulation. Its failure to properly secure chatbot software led to attackers stealing at least 9.4 million payment card details.
A German appeals court has slashed by 90% the $11 million General Data Protection Regulation fine levied last year against 1&1 Telecom by the nation's federal privacy watchdog over call center data protection shortcomings. Experts say the case is a reminder that all GDPR fines can be appealed.
The latest edition of the ISMG Security Report features an analysis of how President-elect Joe Biden is expected to renew international relationships needed in the fight against cyberattacks. Also featured: the pandemic's impact on cybercrime; analysis of Europol's annual cybercrime report.
Privacy advocates in the U.K. have filed a complaint alleging that the Information Commissioner's Office, a watchdog agency, is not doing enough to make sure the digital advertising technology - or AdTech - industry complies with the EU's General Data Protection Regulation.
Inadequate database and privileged account monitoring, incomplete multifactor authentication and insufficient use of encryption: Britain's privacy regulator has cited a raft of failures that contributed to the four-year breach of the Starwood guest reservation system discovered by Marriott in 2018.
The latest edition of the ISMG Security Report features an analysis of the EU General Data Protection Regulation fines that have finally been imposed on Marriott and BA over serious data breaches each suffered. Also featured: Regional digital fraud trends, and a look at the CISO role and its responsibilities.