GDPR and Personal data - Information Management Today

Increased GDPR Enforcement Highlights the Need for Data Security

Security Affairs

NOVEMBER 18, 2024

GDPR protects sensitive data like health and financial details, and its enforcement underscores the growing need for stronger data security measures. GDPR: The landscape of data privacy and protection has never been more critical. What is GDPR and Why Does It Matter?

GDPR

GDPR Security Compliance Data Privacy

Italy’s data protection watchdog fined OpenAI €15 million over ChatGPT’s data management violations

Security Affairs

DECEMBER 23, 2024

Italy’s data protection watchdog fined OpenAI 15 million for ChatGPT’s improper collection of personal data. Italys privacy watchdog, Garante Privacy, fined OpenAI 15M after investigating ChatGPT’s personal data collection practices.

Artificial Intelligence

Artificial Intelligence Personal data Data collection Privacy

Irish Data Protection Commission (DPC) fined Meta €251 million for a 2018 data breach

Security Affairs

DECEMBER 18, 2024

These own-volition inquiries were launched by the DPC following a personal data breach, which was reported by MPIL in September 2018.” “This data breach impacted approximately 29 million Facebook accounts globally, of which approximately 3 million were based in the EU/EEA.

Data breaches

Data breaches GDPR Personal data Access

Webinars

Maximizing Profit and Productivity: The New Era of AI-Powered Accounting

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Irish Data Protection Commission fined LinkedIn €310M for GDPR infringement

Security Affairs

OCTOBER 25, 2024

Irish Data Protection Commission fined LinkedIn €310M after finding its use of behavioral data for targeted ads violated privacy laws, requiring compliance changes. The DPC’s inquiry was launched following an initial complaint to the French Data Protection Authority. ” reads the DPC’s announcement.

GDPR

GDPR Personal data Compliance Privacy

Why DSPM is Essential for Achieving Data Privacy in 2024

Security Affairs

OCTOBER 23, 2024

With this principle approach, DSPM treats data security as a priority, aligning itself with the critical security standards and frameworks and further addressing the regulatory requirements of current and emerging data and AI laws that necessitate implementing personal and sensitive personal data protection measures.

Data Privacy

Data Privacy Privacy GDPR Compliance

GDPR Data Security Checklist in the Age of COVID-19 and the Remote Workforce

Security Affairs

MAY 11, 2020

During COVID-19 outbreak data processors have to be extra vigilant to maintain their compliance with data protection authorities like GDPR. It has imposed online learning and earning, which in turn has open new doors of cybersecurity threats and data breaches. COVID-19 Remote Working – GDPR Data Security Checklist.

GDPR

GDPR Security Compliance Encryption

Big GDPR Fines in UK and Ireland: What's the Holdup?

Data Breach Today

JUNE 1, 2020

Both Countries Have Each Issued Only a Single, Finalized Fine Under EU's Privacy Law The EU's General Data Protection Regulation was meant to finally bring in line organizations that didn't treat Europeans' personal data with respect. and Ireland each issued only one final GDPR fine to date?

GDPR

GDPR Personal data Privacy

GUEST ESSAY: How stricter data privacy laws have redefined the ‘filing’ of our personal data

The Last Watchdog

NOVEMBER 4, 2021

Related: GDPR and the new privacy paradigm. Europe’s General Data Protection Regulations (GDPR) changed the game. Legacy filing systems were not built to keep track of the personal data of specific individuals primarily to be in compliance with the many data protection regulations popping up around the world.

Personal data

Personal data Privacy Data Privacy Unstructured data

Marriott Mega-Breach: Will GDPR Apply?

Data Breach Today

DECEMBER 3, 2018

Legal Experts Suspect So, But Investigation Could Take a Year or More Will Marriott be the first organization that lost control of Europeans' personal data to feel the full force of the EU's General Protection Regulation?

GDPR

GDPR Personal data Security

Chat app Knuddels fined €20k under GDPR regulation

Security Affairs

NOVEMBER 24, 2018

“the company from Karlsruhe violated the obligation to ensure the security of personal data, informed the Baden-Wuerttemberg data protection commissioner Stefan Brink on Thursday in Stuttgart.” “Due to a breach of the data security required by Art. Securi ty Affairs – GDPR, data breach).

GDPR

GDPR Passwords Data breaches Personal data

The Irish DPC fined WhatsApp €5.5M for violating GDPR

Security Affairs

JANUARY 21, 2023

The Irish Data Protection Commission (DPC) fined Meta’s WhatsApp €5.5 million for violating data protection laws. by the Irish Data Protection Commission (DPC) for violating the General Data Protection Regulation (GDPR). million (for breaches of the GDPR relating to its service).”

GDPR

GDPR Metadata Encryption Communications

UK ICO fines British Airways £183 Million under GDPR over 2018 security breach

Security Affairs

JULY 8, 2019

. “Following an extensive investigation the ICO has issued a notice of its intention to fine British Airways £183.39M for infringements of the General Data Protection Regulation (GDPR).” Personal data of approximately 500,000 customers were compromised in this incident, which is believed to have begun in June 2018.”

GDPR

GDPR Security Data breaches Personal data

The Dutch Data Protection Authority (DPA) has fined Uber a record €290M

Security Affairs

AUGUST 26, 2024

The Dutch Data Protection Authority (DPA) has fined Uber €290 million ($324 million) for allegedly failing to comply with the EU data protection regulation GPDR when transferring the personal data of European taxi drivers to the U.S. ” reads the press release published by the Dutch Data Protection Authority.

GDPR

GDPR Personal data Privacy Government

Dear BA and Marriott: Your GDPR Fines Are Important to Us

Data Breach Today

JULY 10, 2019

Privacy Regulator's Clear Security Message: Act Now to Avoid 'Disappointment' The data protection gloves have finally come off in Europe after GDPR enforcement began last May - the U.K.'s Consider the tables now turned on firms that fail to properly safeguard personal data.

GDPR

GDPR Personal data Privacy Security

Thailand’s Personal Data Protection Act Enters into Force

Hunton Privacy

JUNE 1, 2022

On June 1, 2022, Thailand’s Personal Data Protection Act (“PDPA”) entered into force after three years of delays. The PDPA mirrors the EU General Data Protection Regulation (“GDPR”) in many respects. Exemptions are granted for public interest, contractual obligations, vital interest or compliance with the law.

Personal data

Personal data GDPR Compliance Government

META hit with privacy complaints by EU consumer groups

Security Affairs

MARCH 4, 2024

Below are the questions and answers of my interview: What specific GDPR rules do the consumer groups claim Meta is not complying with? Consumer groups claim that Meta’s data collection is unfair and lacks transparency. Data Minimization: Meta is expected to collect limited personal data for a specific scope authorized by users.

Privacy

Privacy GDPR Personal data Data collection

GDPR: Still Plenty of Lessons to Learn

Data Breach Today

MARCH 7, 2019

RSA Conference Panel: Organizations Worldwide Face Long List of Challenges Nearly 10 months after the beginning of enforcement of the EU's GDPR privacy regulation, organizations around the world are still learning plenty of compliance lessons - including how to locate all personal data so it can be protected, according to regulatory experts on a panel (..)

GDPR

GDPR Personal data Compliance Privacy

Italian data protection authority said that ChatGPT violated EU privacy laws

Security Affairs

JANUARY 30, 2024

The Italian data protection authority regulator authority, known as “Garante per la protezione dei dati personali”, announced it has notified OpenAI that ChatGPT violated the EU data protection regulation GDPR. The Authority pointed out that OpenAI does not alert users that it is collecting their data.

Privacy

Privacy GDPR Personal data Data Privacy

UK ICO fines hotel chain giant Marriott over data breach

Security Affairs

NOVEMBER 2, 2020

. “The ICO has fined Marriott International Inc £18.4million for failing to keep millions of customers’ personal data secure.” ” In July 2019, the UK’s data privacy regulator announced that the giant hotel chain Marriott International faces a £99 million ($123 million) fines under GDPR over 2014 data breach. .”

Data breaches

Data breaches Personal data GDPR Encryption

Discord Fined by French CNIL for GDPR Violations

Data Breach Today

NOVEMBER 17, 2022

Video Streamer Pays 800,000 Euros to Settle Probe of Privacy and Security Practices The French data protection authority fined Discord 800,000 euros for privacy and security practices that violate the General Data Protection Regulation.

GDPR

GDPR Personal data Privacy Security

CNIL Published Guidelines on Re-Use of Personal Data by Data Processors

Hunton Privacy

JANUARY 20, 2022

On January 12, 2022, the French Data Protection Authority (the “CNIL”) published guidelines on the re-use of personal data by data processors for their own purposes (such as product improvement or the development of new products and services) under the EU General Data Protection Regulation (“GDPR”) (the “Guidelines”).

Personal data

Personal data GDPR Encryption IT

Britain’s information commissioner fines British Airways for 2018 Hack

Security Affairs

OCTOBER 16, 2020

Britain’s information commissioner has fined British Airways 20 million pounds for the 2018 hack that exposed data of 400,000 customers. In September 2018, British Airways suffered a data breach that exposed the personal information of 400,000 customers. This is the largest fine the British ICO has ever issued.

GDPR

GDPR Personal data Data breaches Communications

Irish DPC Sues X over Harvesting Data for Grok AI Bot

Data Breach Today

AUGUST 7, 2024

Regulators told Irish High Court that X, Formerly Twitter, Violated the GDPR The Irish data regulator sued social media platform X, accusing the service of wrongfully harvesting users' personal data for its artificial intelligence model Grok.

Artificial Intelligence

Artificial Intelligence GDPR Personal data IT

New Zealand's Refreshed Privacy Act Takes Effect

Data Breach Today

DECEMBER 1, 2020

It also holds data handlers to higher responsibilities to counter new threats to personal data. But the law doesn't impose financial penalties as severe as the EU's GDPR.

Privacy

Privacy GDPR Personal data IT

French Ad Tech Firm Fined 40M Euros for GDPR Violations

Data Breach Today

JUNE 22, 2023

French Regulator Fines Criteo for Website Cookie Tracking Tools The top French privacy regulator has imposed a fine of 40 million euros against a Parisian advertising technology company for its use of website tracking cookies and failure to process users' personal data in compliance with privacy laws under the General Data Protection Regulation.

GDPR

GDPR Personal data Privacy Compliance

Over-Retention of Personal Data

Data Protection Report

SEPTEMBER 23, 2021

The declining cost of electronic data storage may have caused some company executives to conclude that retaining personal data forever is “cheap.” The matter involved one of France’s largest insurers, SGAM AG2R LA MONDIALE, which was subject to an inspection by the French data protection authority (the CNIL), in 2019.

Personal data

Personal data Insurance GDPR Record destruction

How Automation can help you in Managing Data Privacy

Security Affairs

OCTOBER 20, 2020

This is where data privacy comes into play and organizations are looking for data privacy management softwares that can fulfill their data privacy needs, while complying with data regulations in order to avoid fines. Tracking Personal Data.

Data Privacy

Data Privacy Privacy GDPR Compliance

How to Comply with GDPR, PIPL, and CCPA

eSecurity Planet

DECEMBER 22, 2021

The regulations from GDPR, PIPL, and CCPA are especially prevalent to MSPs and software vendors because they get access to data from so many organizations, but all businesses need to comply with them. PIPL Compliance CCPA Compliance GDPR Compliance How to Stay Up to Date with Changing Compliance Regulations. GDPR Compliance.

GDPR

GDPR Compliance Data Privacy Personal data

France Travail data breach impacted 43 Million people

Security Affairs

MARCH 16, 2024

“In accordance with its obligations under the General Data Protection Regulation (GDPR), Pôle emploi has notified the CNIL today. Jobseekers registered in February 2022 and former users of Pôle Emploi are potentially affected by this theft of personal data.” reads the press release published by the agency.

Data breaches

Data breaches Personal data Ransomware GDPR

CJEU Rules on Processing of Sensitive Data and Compensation Under the GDPR

Hunton Privacy

JANUARY 5, 2024

Background The case related to the processing of an incapacitated employee’s personal data, including health data, by the medical service provider (“MDK”) of a health insurance fund in Germany. The CJEU also held that the rules and limitations on the processing of sensitive personal data under Article 9.2(h)

GDPR

GDPR Personal data Insurance IT

Swedish data protection authority rules against the use of Google Analytics

Security Affairs

JULY 5, 2023

The authority determined that Google’s statistics tool was transferring personal data to the US. IMY states that the data transferred to the US is personal data because the data can be linked with other unique data that is transferred.

Analytics

Analytics Personal data GDPR Privacy

Indonesia Soon to Become the Fifth ASEAN Country to Adapt Data Privacy Laws

Security Affairs

OCTOBER 7, 2020

Earlier this year, Indonesia joined the ranks with the first four ASEAN countries including Malaysia, Singapore, Philippines and Thailand to have enacted laws relating to personal data protection. Indonesia’s adaptation of the law heavily resembles the European Union’s GDPR. General personal data v.

Data Privacy

Data Privacy Privacy Personal data Computer and Electronics

Experian’s data processing practices violate the GDPR

IT Governance

OCTOBER 28, 2020

An ICO (Information Commissioner’s Office) investigation revealed that the credit reference agency has been selling personal data to political parties and organisations that used it to identify those who could afford products and services. Likewise, it must stop processing personal data that has been collected without a lawful basis.

GDPR

GDPR Personal data Marketing Privacy

India: New Digital Personal Data Protection Act, Start Planning Now.

DLA Piper Privacy Matters

SEPTEMBER 6, 2023

While there are similarities with EU/UK GDPR – and sufficient harmonisation with data protection laws across APAC to continue a regional data compliance in Asia – the practicalities of implementation and compliance should not be underestimated. data subjects, using the GDPR terminology) located within India.

Personal data

Personal data GDPR Data breaches Compliance

Indonesia Ratifies Country’s First Comprehensive Legal Framework for Personal Data Protection

Hunton Privacy

NOVEMBER 8, 2022

SHIFT Counsellors at Law reports from Indonesia that The People’s Representative Council of the Republic of Indonesia has ratified Indonesia’s draft law on personal data protection. The law, which is partly modeled on the EU General Data Protection Regulation, is Indonesia’s first “umbrella regulation” on personal data protection.

Personal data

Personal data GDPR Compliance Information Security

The EDPB Issues Guidelines Clarifying What Constitutes an International Data Transfer Under the GDPR

Hunton Privacy

NOVEMBER 23, 2021

On November 19, 2021, the European Data Protection Board (“EDPB”) published its draft Guidelines 05/2021 (the “Guidelines”) on the interplay between the application of Article 3 of the EU General Data Protection Regulation (“GDPR”), which sets forth the GDPR’s territorial scope, and the GDPR’s provisions on international data transfers.

GDPR

GDPR Personal data Marketing Government

UK ICO Approves the First UK GDPR Certification Scheme Criteria

Hunton Privacy

AUGUST 27, 2021

On August 19, 2021, the UK Information Commissioner’s Office (“ICO”) approved the criteria for three certification schemes, as required under Article 42(5) of the UK General Data Protection Regulation (“UK GDPR”). Certification schemes are one method for organizations to demonstrate compliance with the UK GDPR.

GDPR

GDPR Compliance Personal data Privacy

EU hits Meta with $1.3 billion fine for transferring European user data to the US

Security Affairs

MAY 22, 2023

billion fine for transferring European user data to the US. billion for transferring user data to the US. This is the biggest fine since the adoption of the General Data Protection Regulation (GDPR) by the European Union (EU) on May 25, 2018. The European Union condemned Meta with a record $1.3

GDPR

GDPR Personal data Privacy Data Privacy

How Companies Need to Treat User Data and Manage Their Partners

Security Affairs

MAY 12, 2021

After the introduction of CCPA and GDPR, much more attention is given to third-party risks, and the privacy terms and conditions users agree to. Global privacy regulations, such as the CCPA and GDPR, were enacted to ensure stricter standards when handling the personal data of consumers. Key Takeaways.

GDPR

GDPR Privacy Personal data Data breaches

Italian Garante bans Chat GPT from processing personal data of Italian data subjects

Data Protection Report

APRIL 5, 2023

The alleged GDPR infringements: The Garante apparently took its action after becoming aware of a recent data breach at ChatGPT, where users’ chat titles and payment information was exposed.

Personal data

Personal data GDPR Data breaches Privacy

India Passes Digital Personal Data Protection Act

Hunton Privacy

AUGUST 22, 2023

reports that in early August 2023, the Indian Parliament passed the Digital Personal Data Protection Act (the “Act”), bringing to a close a 5-year process to enact an omnibus data privacy law in India. The Act significantly updates a previous draft, and departs substantially from the GDPR model of privacy laws.

Personal data

Personal data Data breaches GDPR Government

UK: New guidance on processing personal data for scientific research purposes

DLA Piper Privacy Matters

MARCH 1, 2022

Meanwhile, a sometimes popular (mis)conception is that data protection laws – and particularly the GDPR – are a barrier to the effective use of personal data for research. The implication was that data controllers did not fully understand, and therefore were not effectively making use of, the research provisions.

Personal data

Personal data GDPR Data collection Archiving

When Do You Need to Report a Data Breach?

Security Affairs

NOVEMBER 26, 2018

Data breaches, incidents in which personal information is accidentally or unlawfully stolen, lost, disclosed, accessed, altered or destroyed, can happen to organizations of any size and sector. Most data breach laws deal with personal data, which is essentially any information that can be associated with a particular person.

Data breaches

Data breaches Personal data GDPR Cybersecurity

EU privacy non-profit group filed complaints against TikTok, SHEIN, AliExpress, and other Chinese companies

Security Affairs

JANUARY 17, 2025

Austrian privacy non-profit group None of Your Business (noyb) has filed complaints accusing companies like TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi of violating data protection regulations in the European Union by unlawfully transferring users’ data to China. said Kleanthi Sardeli, data protection lawyer atnoyb.

Privacy

Privacy GDPR Compliance Personal data

Increased GDPR Enforcement Highlights the Need for Data Security

Italy’s data protection watchdog fined OpenAI €15 million over ChatGPT’s data management violations

Webinars

Trending Sources

Irish Data Protection Commission (DPC) fined Meta €251 million for a 2018 data breach

Webinars

Irish Data Protection Commission fined LinkedIn €310M for GDPR infringement

Why DSPM is Essential for Achieving Data Privacy in 2024

GDPR Data Security Checklist in the Age of COVID-19 and the Remote Workforce

Big GDPR Fines in UK and Ireland: What's the Holdup?

GUEST ESSAY: How stricter data privacy laws have redefined the ‘filing’ of our personal data

Marriott Mega-Breach: Will GDPR Apply?

Chat app Knuddels fined €20k under GDPR regulation

The Irish DPC fined WhatsApp €5.5M for violating GDPR

UK ICO fines British Airways £183 Million under GDPR over 2018 security breach

The Dutch Data Protection Authority (DPA) has fined Uber a record €290M

Dear BA and Marriott: Your GDPR Fines Are Important to Us

Thailand’s Personal Data Protection Act Enters into Force

META hit with privacy complaints by EU consumer groups

GDPR: Still Plenty of Lessons to Learn

Italian data protection authority said that ChatGPT violated EU privacy laws

UK ICO fines hotel chain giant Marriott over data breach

Discord Fined by French CNIL for GDPR Violations

CNIL Published Guidelines on Re-Use of Personal Data by Data Processors

Britain’s information commissioner fines British Airways for 2018 Hack

Irish DPC Sues X over Harvesting Data for Grok AI Bot

New Zealand's Refreshed Privacy Act Takes Effect

French Ad Tech Firm Fined 40M Euros for GDPR Violations

Over-Retention of Personal Data

How Automation can help you in Managing Data Privacy

How to Comply with GDPR, PIPL, and CCPA

France Travail data breach impacted 43 Million people

CJEU Rules on Processing of Sensitive Data and Compensation Under the GDPR

Swedish data protection authority rules against the use of Google Analytics

Indonesia Soon to Become the Fifth ASEAN Country to Adapt Data Privacy Laws

Experian’s data processing practices violate the GDPR

India: New Digital Personal Data Protection Act, Start Planning Now.

Indonesia Ratifies Country’s First Comprehensive Legal Framework for Personal Data Protection

The EDPB Issues Guidelines Clarifying What Constitutes an International Data Transfer Under the GDPR

UK ICO Approves the First UK GDPR Certification Scheme Criteria

EU hits Meta with $1.3 billion fine for transferring European user data to the US

How Companies Need to Treat User Data and Manage Their Partners

Italian Garante bans Chat GPT from processing personal data of Italian data subjects

India Passes Digital Personal Data Protection Act

UK: New guidance on processing personal data for scientific research purposes

When Do You Need to Report a Data Breach?

EU privacy non-profit group filed complaints against TikTok, SHEIN, AliExpress, and other Chinese companies

Stay Connected