ICO intends to fine Marriott International, Inc more than £99m for data breach
Marriott International has received a notification from the Information Commissioner’s Office (ICO) of its intention to fine the company £99,200,396. […]
compliance
ICO intends to fine British Airways £183m for data breach
British Airways could face a fine of £183 million as a result of a data breach that was disclosed by […]
Romanian DPA fines UniCredit €130,000 for data protection by design failures
The National Supervisory Authority for Personal Data Processing (‘ANSPDCP’) announced, on 4 July 2019, that it had fined UniCredit Bank […]
Duch privacy watchdog warns banks not to use payments for marketing
On Wednesday Duch data protection authority – Autoriteit Persoonsgegevens – announced that banks should not offer their customers products on […]
EU regulator launches third Apple investigation
The principle regulator for Apple in Europe, the Irish Data Protection Commission, has begun a third investigation into data privacy […]
Cookie consent – What “good” compliance looks like according to the ICO
On 3 July 2019, the UK data protection authority (the ICO) updated its guidance on the rules that apply to […]
French lawsuit accuses Google of violating EU privacy rules
A leading French consumer group has filed a class-action lawsuit accusing Google of violating the European Union’s landmark 2018 privacy […]
FTC Takes Action Against Companies Misrepresenting Compliance with the EU-U.S. Privacy Shield
The Federal Trade Commission announced that it has taken action against a number of companies that allegedly misrepresented their compliance […]
ICO admits its own cookie policy is non-compliant with GDPR
The Information Commissioners Office has admitted that its current consent notice relating to the use of cookies on devices failed […]
Swedish DPA digs into Spotify’s responses to SARs
The Swedish data protection authority – Datainspektionen – had initiated a review of Spotify Technology S.A.’s responses to data subject access requests (SARs). […]
Lithuanian DPA launches investigation into D-Link
In response to publicly available information, the Lithuanian data protection authority – State Data Protection Inspectorate – launched an self-initiated […]
Fingerprint case highlights importance of biometric policies and consent
An unfair dismissal case has highlighted the need for companies to update policies and procedures and to obtain full consent […]