Enforcement

Monday, July 19, 2021 Contact: (916) 210-6000, agpressoffice@doj.ca.gov SAN FRANCISCO – A year after enforcement of the nation’s toughest privacy law began, California Attorney General Rob Bonta today announced successful enforcement efforts and urged more Californians to take advantage of their new rights. The California Consumer Privacy Act (CCPA) provides consumers with groundbreaking…

Italy’s data protection authority Garante on Tuesday announced its latest fine against a company under the General Data Protection Regulation (GDPR) for aggressive telemarketing. Sky Italia was ordered to pay nearly €3.3 million (U.S. $3.8 million) for allegedly misusing customer data to make unwanted promotional phone calls. The figure, ordered…

In Germany, they call him the “Facebook hunter”. He’s been described as one of Europe’s most powerful protectors of data privacy, has locked horns with US tech titans, and earned a troublemaker reputation across Europe. In over a decade as the data protection commissioner for the German city-state of Hamburg,…

The Norwegian Data Protection Authority said on Monday that it would fine Grindr, the world’s most popular gay dating app, 100 million Norwegian kroner, or about $11.7 million, for illegally disclosing private details about its users to advertising companies. The agency said the app had transmitted users’ precise locations, user-tracking…

Getty Images France’s data protection agency, the CNIL,  has slapped Google and Amazon with fines for dropping tracking cookies without consent. Google  has been hit with a total of €100 million ($120 million) for dropping cookies on Google.fr and Amazon €35 million (~$42 million) for doing so on the Amazon .fr domain under the…

South Korea’s information watchdog on Wednesday fined Facebook Inc. 6.7 billion won (US$6 million) for passing information of at least 3.3 million South Koreans to other companies in its first crackdown on the U.S. tech giant. The Personal Information Protection Commission (PIPC) said Facebook violated the country’s personal information law by providing personal information of at…

In an unprecedented move, the Privacy Campaigners at the Open Rights Group (ORG) have today announced that they are taking the UK’s privacy regulator, the Information Commissioner’s Office (ICO) to court over the regulator’s failure to stop unlawful practices by the Digital Advertising Technology (AdTech) industry. A complaint was made…

The ICO has fined Marriott International Inc £18.4million for failing to keep millions of customers’ personal data secure. Marriott estimates that 339 million guest records worldwide were affected following a cyber-attack in 2014 on Starwood Hotels and Resorts Worldwide Inc. The attack, from an unknown source, remained undetected until September 2018,…

On October 27, 2020, the UK Information Commissioner’s Office (“ICO”) published its enforcement notice against credit reference agency Experian Limited (“Experian”) under Section 149 of the Data Protection Act 2018 (“DPA”) (the “notice”). The notice requires Experian to make fundamental changes to its offline direct marketing practices, and was issued after the ICO undertook…

Germany’s Hamburg Data Protection Authority (“HmbBfDI”) have imposed a €35.2 million ($41.4 million) fine on H&M, the world’s second-largest clothing retailer, for General Data Protection Regulation (“GDPR”) violations; the largest privacy fine ever issued by a German regulator. This fine is significant for a number of reasons, not least of which is that European regulators…