Loading

Zandilli Lucien

Author: Zandilli Lucien

A Polish catering company was fined €54,600 for a data breach after an employee lost a flash drive with sensitive data.

A Polish catering company was fined €54,600 for failing to protect personal data after an employee lost a flash drive containing sensitive information, revealing vulnerabilities in the company’s data security. The Polish Data Protection Authority (UODO) recently fined Res-Gastro M. Gaweł Sp. k., a catering company in Kolbuszowa, Poland, €54,600 for failing to implement adequate

Using AI in recruitment: Recommendations for business owners

The ICO has published recommendations for business owners on using AI in recruitment processes lawfully and ethically.   Artificial intelligence (AI) is transforming recruitment by saving time and improving efficiency for businesses of various sizes and across industries. Businesses are using AI tools to source potential candidates, summarize CVs, as well as score applicants. However,

Cyber Resilience Act: EU Council and Parliament Approve New Cybersecurity Standards for Digital Products

EU Council and EU Parliament enhance cybersecurity for digital products with the Cyber Resilience Act, ensuring connected devices are secure before entering the market.   The European Union has taken a major step forward in enhancing cybersecurity for digital products with the adoption of the Cyber Resilience Act by the EU Council and EU Parliament.

ePrivacy Directive Article 5(3): Device Tracking and User Consent

Understanding Article 5(3) of the ePrivacy Directive and its Implications on Device Tracking and User Consent   The ePrivacy Directive, specifically Article 5(3), restricts the storage and access of information on users’ devices without their consent, except under specific conditions. This legislation plays a crucial role in protecting users from unauthorized storage and access to

Legitimate interest as a legal basis: Guidance from the EDPB

Controllers must ensure necessary, proportionate, processing which respects the rights of data subjects, ensuring GDPR compliance.   When processing personal data under the General Data Protection Regulation (GDPR), controllers must ensure that their actions are lawful. Specifically, if relying on Article 6(1)(f) of the GDPR, the processing must be based on a legitimate interest. This

Tech giants push for lighter AI regulations in Europe

Tech giants push for lighter AI regulations in Europe amid concerns over fines and transparency.   In a pivotal final effort, the world’s largest technology companies are urging the European Union (EU) to take a more lenient stance on regulating artificial intelligence (AI). Firms like Amazon, Google, and Meta are currently facing the looming possibility

Communication after a data breach: Lessons from the Dutch DPA

The Dutch DPA has emphasised the importance of communication after a data breach, after a 2023 study revealed that many organisations failed to inform victims in a timely manner.   In an age where personal data is often at risk due to cyberattacks and other breaches, individuals affected by data breaches can often feel left

European Commission Initiates Proceedings to Ensure Apple’s Compliance with Digital Markets Act

The European Commission has initiated proceedings to ensure Apple complies with the Digital Markets Act by providing free interoperability to third-party developers for its iOS and iPadOS platforms.   The European Commission has launched two specification proceedings to ensure that Apple meets its obligations under the Digital Markets Act (DMA). As a “gatekeeper” under the

CNIL fined Cegedim Santé €800,000 for unlawful processing of sensitive health data

CNIL imposed a €800,000 fine on Cegedim Santé for the unauthorized and unlawful processing of sensitive health data.   In 2021, Cegedim Santé, a company specializing in management software for general practitioners and health centers, came under scrutiny from the French data protection authority, CNIL. The company provides software to around 25,000 medical practices and

UK Government Shifts AI Strategy

The UK Government shifts AI strategy to focus on public sector efficiency amid industry concerns.   The UK government, led by Prime Minister Keir Starmer, is developing a new artificial intelligence (AI) strategy aimed at cutting costs ahead of the upcoming autumn budget. The strategy shifts focus from direct investment in AI technology towards prioritising