Enforcement
EU court lowers requirements for imposing fines for data protection breaches
The European Court of Justice issued a landmark ruling on Tuesday (5 December) that is set to facilitate the imposition of fines for infringements of the General Data Protection Regulation (GDPR). The European Court of Justice (ECJ) put out a verdict that will make it easier for data protection authorities…
Read More »Major Privacy Law Enforcement Announcements by CPPA and California and Colorado Attorneys General
California Superior Court Stays Some Areas of Enforcement By now, you have likely heard about the California Superior Court decision delaying enforcement until March 29, 2024, of the California Privacy Protection Agency regulations issued on March 29, 2023. The CPPA’s regulations supplement the California Consumer Privacy Act, and the CPRA…
Read More »CPPA’s Deputy Director of Enforcement Promises Vigorous Action by Expanded Enforcement Staff
On Friday, July 14, the California Privacy Protection Agency (“CPPA”) Board held a public meeting to address a broad, fourteen-point agenda that ranged from updates on the Agency’s budget to the status of ongoing rulemaking to enforcement. On the issue of enforcement, the Agency’s new Deputy Director of Enforcement, Mr.…
Read More »How To Think About Privacy As An Enterprise Risk in 2023
A new year is upon us, and with it will come major changes in how organizations handle personal data. Of course, this is not the first time we’ve seen significant changes: 2018 brought enormous changes to Europe as the General Data Protection Regulation (GDPR) became effective; 2020 brought major changes to the U.S. as…
Read More »Brussels sets out to fix the GDPR
The European Union is (finally) coming to grips with the dysfunctionalities of its most famous tech law of all: the General Data Protection Regulation. The European Commission will propose a new law before the summer that’s aimed at improving how EU countries’ privacy regulators enforce the GDPR, a newly published page on its website showed.…
Read More »Meta’s Ad Practices Ruled Illegal Under E.U. Law
Meta suffered a major defeat on Wednesday that could severely undercut its Facebook and Instagram advertising business after European Union regulators found it had illegally forced users to effectively accept personalized ads. The decision, including a fine of 390 million euros ($414 million), has the potential to require Meta to…
Read More »What Do the Multimillion-Dollar Google Settlement, Meta Fine Mean for Data Privacy?
In November, Google reached a $392 million settlement agreement with 40 US states regarding location tracking. Later that same month, Ireland’s Data Protection Commission fined Meta $275 million for breaking the European Union’s General Data Protection Regulation (GDPR). These hefty fines are the latest in a series of regulatory actions against tech giants,…
Read More »Meta fined €265m by Irish watchdog for data breach
Facebook parent company Meta has been fined €265 million by the Irish Data Protection Commission (DPC) following a data breach which saw the personal details of hundreds of millions of Facebook users published online. In April 2021, the DPC launched an investigation after data including names, phone numbers and email…
Read More »EO 14086 and the EU-U.S. Data Privacy Framework
On 7 October 2022, President Biden signed Executive Order 14086 “Enhancing Safeguards for United States Signals Intelligence Activities” (EO 14086). EO 14086 represents a significant milestone for transatlantic data transfers. Not only will the new safeguards form the basis of an adequacy decision by the European Commission for transfers made using the…
Read More »Germany Forces a Microsoft 365 Ban Due to Privacy Concerns
The central German state of Hesse’s local Data Protection Authority (DPA) has banned the use of Microsoft 365 in its schools, citing concerns over privacy violations. According to the authority, the program’s settings gather data from within the users’ programs. This clearly violates the EU’s General Data Protection Regulation (GDPR)…
Read More »