We have extensively covered the California Consumer Privacy Act, the first U.S. law comprehensively regulating the collection, use, and disclosure of general consumers’ personal information in the U.S. This important legislation poses significant compliance challenges for organizations that engage with residents of California, the world’s fifth largest economy.
The President of the Personal Data Protection Office in Poland (Polish DPA) imposed a fine amounting to PLN 943,470 (approximately EUR 220,000; approximately USD 245,977) for failing to fulfil the company’s transparency obligations towards over six million data subjects under Article 14 of Europe’s General Data Protection Regulation (GDPR).
This is the first fine imposed by the Polish DPA under … Continue Reading
On 14 March 2019, the Dutch data protection authority (Autoriteit Persoonsgegevens, DPA) announced (in Dutch) its fining structure for violations of the European General Data Protection Regulation (GDPR) and the Dutch law implementing the GDPR (Implementation Act).
The GDPR sets two levels of administrative fines that may apply depending on which GDPR provisions have been infringed: The higher of €10 … Continue Reading
Many companies have been struggling with GDPR implementation over the past two years, putting much effort into new roles, privacy concepts, and workflows. Now that the dust of the immediate GDPR compliance rush is settling, the first details of fines imposed under the GDPR and the number of cases pending with Data Protection Authorities (DPAs) in Europe are being made … Continue Reading
Article 83 of the GDPR provides for two levels of administrative fines: a lower level – maximum of €10 million or 2% of the global turnover – for violations relating to record-keeping, data security, data protection impact assessments, data protection by design and default, and data processing agreements; and a higher level – maximum of €20 million or 4% of … Continue Reading
In July, Eduardo Ustaran spoke at Privacy Laws & Business’ International Conference in Cambridge about the sort of activities likely to prompt regulators into exercising their increased fining powers under the EU GDPR. A link to the video of his presentation can be found here and a detailed report of the presentation is available here.… Continue Reading
It has finally happened. Like that train you are waiting for that keeps getting delayed but eventually arrives. The all-powerful trio comprising the European Parliament, the Council of the EU and the European Commission arrived at their destination after a journey of four years, and on December 15th, 2015, agreed the final text of the EU General Data Protection Regulation … Continue Reading
On November 2, 2015, the U.S. Federal Communications Commission issued two proposed fines related to Wi-Fi hotspot blocking. In the first notice the FCC proposed a penalty of $718,000 against M.C. Dean, one of the largest U.S. electrical contracting companies, for allegedly interfering with and disabling the operation of consumers’ Wi-Fi devices at the Baltimore Convention Center. In the second … Continue Reading
The French Competition Authority imposed a fine of €117.4 million on Orange France and France Telecom, and €65.7 million on SFR for anticompetitive practices in the mobile telephony sector. In its December 13, 2012 decision, the competition authority found that the operators’ offers including unlimited calls to mobile phones of the same network were anticompetitive. These offers were mainly … Continue Reading