Daily Compliance News: November 15, 2024 - The Meta Fined (again) Edition
Cost of Noncompliance: More Than Just Fines
Life With GDPR: Cathay Pacific Enforcement Action
FCPA Compliance and Ethics Report-Episode 171-FCPA Enforcement in the Energy Industry
The CJEU has decided that the maximum thresholds for GDPR fines should be calculated using the global turnover of the broader corporate group, not solely the infringing entity....more
Organisations that make international transfers of personal data have undergone significant challenges and changes over the last few years. With the invalidation of the Privacy Shield agreement in 2020 and the introduction of...more
The French Data Protection Authority (CNIL) recently imposed a EUR 310,000 fine, representing 1% of its turnover, on FORIOU, a telemarketing company promoting loyalty programs. The fine stemmed from FORIOU’s use of...more
On March 13, 2024, the EU AI Act received its final assent from the EU Parliament with 523 votes in favor, 46 against and 49 abstentions, bringing it one step closer to adoption. Minor linguistic changes are still to be...more
Following the publication of several press articles and employee complaints, the French data protection regulator (“CNIL”) carried out an investigation at the Amazon France Logistique’s (“Amazon”) warehouses. The CNIL's...more
Clearview AI Inc's successful challenge to the ICO’s £7.5 million fine focused on the limits of the UK GDPR’s jurisdictional reach, succeeding on the grounds that Clearview’s processing activities were outside the scope of...more
The French Data Protection Authority has imposed a €40 million fine for GDPR infringements. On 15 June 2023 the French Data Protection Authority (the CNIL), acting as Lead Supervisory Authority pursuant to the cooperation...more
Cybersecurity incidents pose legal challenges for in-house counsel, alongside their technical implications. This overview highlights key aspects that legal departments must know when reacting to data breaches. ...more
The French Data Protection Authority imposed a €280,000 fine for GDPR infringements and a €100,000 fine for violation of French cookie rules. On 11 May 2023 the French Data Protection Authority (the CNIL) handed down its...more
The final decision of the Irish Data Protection Commission (IDPC) in relation to the transfers of EU/EEA Facebook user data by Meta Platforms Ireland Limited (Meta Ireland) to its processor, Meta Platforms, Inc., in the US...more
The CJEU’s final ruling could subject companies to direct GDPR enforcement by DPAs notwithstanding national procedural rules, but may rule against strict liability under the GDPR. On 27 April 2023 Advocate General of the...more
Der Europäische Gerichtshof (EuGH) wird bald darüber entscheiden, ob europäische Datenschutzbehörden künftig leichter Bußgelder nach Art. 83 DSGVO gegen Unternehmen verhängen können. Diese Entscheidung kann großen Einfluss...more
Greece’s privacy protection authority recently announced it was fining Intellexa, an Israeli cyber tech company, EUR 50,000. The Hellenic Data Protection Authority (HDPA) imposed the fine as part of an investigation it...more
Bußgelder wegen Verstößen gegen die komplexen Anforderungen des EU-Datenschutzrechts werden zu einem immer größeren Risiko für Unternehmen. Europäische Aufsichtsbehörden haben bereits mehrere dreistellige Millionenbußgelder...more
On May 16, 2022, the European Data Protection Board (EDPB), the independent body of data protection supervisors that promotes consistent data protection rules and application thereof throughout the European Union (EU),...more
The Italian Garante per la Protezione dei dati Personali (‘Italian SA’) published a decision of February 10, 2022 in which it imposes a 20 million EUR fine on a company outside of Europe for violation of the EU General Data...more
Gerade im Datenschutz war 2021 ein Jahr voller Neuigkeiten und Ereignisse. Europäische Datenschutzbehörden haben DSGVO-Bußgelder in dreistelliger Millionenhöhe verhängt. Es dürfte spannend werden, ob mit der Überprüfung...more
Die deutschen Datenschutzbehörden verhängen derzeit Bußgelder wegen Verstößen gegen die DSGVO direkt gegen das jeweilige Unternehmen. Diese Möglichkeit ergibt sich nach Ansicht der Behörden aus dem sogenannten...more
The passage of the General Data Protection Regulation (GDPR) made it clear that the European Union (EU) is extremely serious about consumer privacy and that protecting EU citizens’ personal information is a top priority. The...more
E-commerce giant Amazon reported in its financial statements at the end of last month that the Luxembourg data protection authority had imposed on it a fine totaling EUR 746 million. The fine appears to have been laid on...more
Mittlerweile haben mehrere deutsche Datenschutzaufsichtsbehörden zweistellige Millionenbußgelder nach Art. 83 DSGVO verhängt. Kurz nach Geltung der DSGVO war es teilweise noch durchaus möglich, sich mit den zuständigen...more
Effektive Verteidigungsstrategien in Datenschutzkonflikten - Unternehmen drohen bei möglichen Datenschutzverstößen mittlerweile hohe Bußgelder und Schadensersatzklagen. Mit welchen Strategien und Argumenten können sich...more
The European Union’s (EU) General Data Protection Regulation (GDPR) has been in effect since May 2018. The law’s goal of protecting EU citizens’ personal information and privacy seems to be coming into fruition. In the past,...more
The French data protection authority’s decisions cite violations of the cookie rules under the ePrivacy Directive and provide important insights on explicit consent. Between December 2019 and May 2020, the French data...more