Loading

Category: Data Protection

Controller and processor fined after app collected an unnecessary amount of data

Controller and processor fined by Icelandic DPA after app collected an unnecessary amount of data without the necessary consent.     At the start of the COVID-19 pandemic the Icelandic government issued gift cards to adult citizens due to the economic strain brought on by the effects of the pandemic. They were issued through an

Bank Millennium fined €80,000 by Polish DPA for failure to report a breach

Bank millennium fined €80,000 by Polish DPA for failure to report, and sufficiently inform data subjects of a breach.   Recently, a fine was imposed on Bank Millennium by the Polish DPA for a data breach which the bank failed to report, and about which they failed to sufficiently inform the affected customers. The supervisory

Algorithmic transparency standard published by UK government

Algorithmic transparency standard for government departments and public sector bodies published by the UK government.     A new standard for algorithmic transparency has recently been published by the UK government giving guidance to government departments and public sector bodies as part of the national data strategy and AI strategy. This initiative was launched recently by the

Encryption Keys and privacy: AEPD discusses how keys may be considered personal data

Encryption keys and privacy explored by the AEPD, and why some encryption keys may be considered personal data.       Encryption keys and privacy go hand in hand, and  have proven to be extremely useful in the online world. However some can be considered personal data under the GDPR, and must be treated as

Data protection standards for adtech outlined by ICO

Data protection standards for adtech have been outlined by the ICO in order to ensure that companies safeguard people’s privacy online.   The ICO has called on various companies to address and eliminate the existing privacy risks associated with the adtech industry. The Information Commissioner recently published an opinion warning companies that are designing novel

Whatsapp privacy policy updated after record fine of €225 million

Whatsapp privacy policy has been updated after the company was hit with a GDPR fine, however, this changes nothing about their service.   Whatsapp has amended their privacy policy after being hit with a record fine for an EU GDPR violation. While the company is still appealing the €225 million fine, their privacy policy is

Children’s Code compliance called to question by the ICO

Children’s Code compliance was called to question by the ICO after an online child safety charity raised questions about various companies.   The ICO has written to Apple and Google for clarification on their process of determining age ratings for apps available in the App Store and Google Play respectively. Since the introduction of the

Privacy class action lawsuit against Google halted by UK Supreme Court

A privacy class action lawsuit against Google has been halted by the UK Supreme Court as claimant is unable to prove damage to affected users.   A billion dollar class action lawsuit against tech giant Google has been denied by the UK Supreme Court. The case, originally filed by Richard Lloyd, on behalf of a

Poor personal data security by Dutch airline leads to a fine

Poor personal data security leads to a fine from the Dutch DPA, after security flaws cause a major hack.   An airline has recently been hit with a €400,000 fine from the Dutch DPA following a major hack, attributable to poor data security. The airline Transavia suffered a hack of two accounts in the company’s

Proposed Digital Markets Act to be enforced by the EU Commission

Proposed Digital Markets Act will be enforced exclusively by the European Commission, but what does it entail?   EU representatives have officially agreed that the European Commission will be the enforcer of the Digital Markets Act, which is set to be ratified on November 25 as part of the bloc’s common position ahead of negotiations