Privacy Updates
CJEU delivers judgment in Facebook “Like” button case
9 August 2019The Court of Justice of the European Union (CJEU) last week handed down its decision in a case concerning a German online clothing retailer’s use of the Facebook “Like” button. The retailer, Fashion ID, had embedded the Facebook tool on its website, enabling visitors to “like” content on the web and so share it on […]
Read moreMarriott Hotels to be fined nearly £100 Million for GDPR breaches – a warning for corporate buyers
10 July 2019Hot on the heels of the £139M fine for British Airways comes confirmation from the ICO that it has proposed a financial penalty of £99.2M for breach of GDPR arising out of a data security breach reported in November 2018.
Read moreICO proposes £184M fine for British Airways in first major GDPR sanction
8 July 2019The Information Commissioner’s Office (ICO), the UK’s data protection supervisory authority, today announced that it has provisionally determined that British Airways (BA) must pay a substantive fine for breach of the GDPR, in relation to a data breach that BA suffered in June 2018. The reports state that the incident in part involved user traffic […]
Read moreDanish furniture company fined for deletion failure
25 June 2019The Danish Data Protection Agency (DPA) has recommended a fine of 1.5 million Danish kroner (approx. £180,000) for a furniture company that failed to delete the data of about 385,000 customers. The company in question, IDdesign, had been the subject of a supervisory visit by the DPA in autumn 2018. Prior to the visit, IDdesign […]
Read moreSpanish football league La Liga fined around €250,000 for a breach of GDPR
19 June 2019The top Spanish football league, La Liga, has been fined around €250,000 for a breach of the GDPR by the Spanish data protection agency, AEPD. In an effort to combat piracy of Spanish football live matches, La Liga allegedly used a smart phone app to collect users data without users’ specific consent. AEPD therefore levied […]
Read moreGDPR: One year on
24 May 2019The GDPR has been in force for almost a year and it has been reported that the Information Commissioner’s Office anticipates that a large fine in the United Kingdom is just a few weeks away. The European Data Protection Board (EDPB) has reported that the various European supervisory authorities have received 144,000 queries and complaints, […]
Read moreData Protection – A year’s worth of challenges and threats
19 March 2019Leigh Callaway and Gerald Brent examine the major issues which have been cropping up continually over the past year.
Read moreMutual EU-Japan adequacy decision now in force
23 January 2019The EU and Japan have today announced a new personal data adequacy agreement between the two parties. This agreement will allow personal data to flow freely between the two parties on the basis that there are strong protective guarantees in place. Before the agreement was put in place, Japan agreed to put additional safeguards in […]
Read moreGoogle fined €50M in France for GDPR breach
21 January 2019Reports are circulating that the French data protection authority, the CNIL, has issued a fine of €50M on Google for failure to comply with the GDPR. The issue relates to the consents obtained from Google account holders in relation to the personalisation of advertising that was served to the user. The CNIL referenced the fact […]
Read moreAmazon mistakenly sends smart-device recordings to strangers
9 January 2019A recent story from Germany highlights the precautions companies must take when complying with data subject requests under the GDPR. When complying with a right of access, Amazon accidentally disclosed the personal data of another Amazon user. Although no enforcement action has been taken by a GDPR authority in this case (yet), Amazon have opened […]
Read more