(Data Protection News & Services)
The Information Commissioner’s Office (ICO) imposed a fine of £20m on British Airways (BA) for failing to protect the personal and financial details (payment card details) of more than 400,000 customers.
The ICO investigation revealed that the BA had not implemented adequate security measures and as a result, could not detect a cyber-attack, which took place in 2018 until BA was made aware of the attack by a third party two months later.
The Hamburg Commissioner for Data Protection and Freedom of Information imposed a 35.3 Million Euros Fine on H&M for illicit HR data procssing carried out in its Service Center based in Nuremberg. Indeed, the Authority discovered that the management team
By decision of 28 July 2020, the CNIL imposed a fine of €250,000 and an obligation to comply with the GDPR within 3 months of the decision, on SPARTOO, an online shoe retailer operating in 13 European countries. This is
On 9 June 2020, the CNIL published its 2019 activity report. This 100-page report provides a retrospective of the CNIL activities during 2019 by: recalling key dates and events such as the 50 million euro sanction against Google LLC or
On May 14, 2020, the Belgian Data Protection Authority imposed a €50,000 fine on an international dating website (“dating platform” or the “company”) for lack of legal basis of the data processing operations carried out to provide an “invite a friend” feature.
In particular, it considered that consent of non-users of the dating platform was necessary before letting the user send them invitation emails.