Cost of Noncompliance: More Than Just Fines
Life With GDPR: Cathay Pacific Enforcement Action
FCPA Compliance and Ethics Report-Episode 171-FCPA Enforcement in the Energy Industry
The French Data Protection Authority (CNIL) recently imposed a EUR 310,000 fine, representing 1% of its turnover, on FORIOU, a telemarketing company promoting loyalty programs. The fine stemmed from FORIOU’s use of...more
On March 13, 2024, the EU AI Act received its final assent from the EU Parliament with 523 votes in favor, 46 against and 49 abstentions, bringing it one step closer to adoption. Minor linguistic changes are still to be...more
Clearview AI Inc's successful challenge to the ICO’s £7.5 million fine focused on the limits of the UK GDPR’s jurisdictional reach, succeeding on the grounds that Clearview’s processing activities were outside the scope of...more
Cybersecurity incidents pose legal challenges for in-house counsel, alongside their technical implications. This overview highlights key aspects that legal departments must know when reacting to data breaches. ...more
The French Data Protection Authority imposed a €280,000 fine for GDPR infringements and a €100,000 fine for violation of French cookie rules. On 11 May 2023 the French Data Protection Authority (the CNIL) handed down its...more
The CJEU’s final ruling could subject companies to direct GDPR enforcement by DPAs notwithstanding national procedural rules, but may rule against strict liability under the GDPR. On 27 April 2023 Advocate General of the...more
Der Europäische Gerichtshof (EuGH) wird bald darüber entscheiden, ob europäische Datenschutzbehörden künftig leichter Bußgelder nach Art. 83 DSGVO gegen Unternehmen verhängen können. Diese Entscheidung kann großen Einfluss...more
Greece’s privacy protection authority recently announced it was fining Intellexa, an Israeli cyber tech company, EUR 50,000. The Hellenic Data Protection Authority (HDPA) imposed the fine as part of an investigation it...more
Bußgelder wegen Verstößen gegen die komplexen Anforderungen des EU-Datenschutzrechts werden zu einem immer größeren Risiko für Unternehmen. Europäische Aufsichtsbehörden haben bereits mehrere dreistellige Millionenbußgelder...more
On May 16, 2022, the European Data Protection Board (EDPB), the independent body of data protection supervisors that promotes consistent data protection rules and application thereof throughout the European Union (EU),...more
The Italian Garante per la Protezione dei dati Personali (‘Italian SA’) published a decision of February 10, 2022 in which it imposes a 20 million EUR fine on a company outside of Europe for violation of the EU General Data...more
Gerade im Datenschutz war 2021 ein Jahr voller Neuigkeiten und Ereignisse. Europäische Datenschutzbehörden haben DSGVO-Bußgelder in dreistelliger Millionenhöhe verhängt. Es dürfte spannend werden, ob mit der Überprüfung...more
Die deutschen Datenschutzbehörden verhängen derzeit Bußgelder wegen Verstößen gegen die DSGVO direkt gegen das jeweilige Unternehmen. Diese Möglichkeit ergibt sich nach Ansicht der Behörden aus dem sogenannten...more
The passage of the General Data Protection Regulation (GDPR) made it clear that the European Union (EU) is extremely serious about consumer privacy and that protecting EU citizens’ personal information is a top priority. The...more
On 22 September 2021, the EU’s second-highest court, the General Court, confirmed the European Commission’s 2018 decision (Case T-425/18—Altice Europe v. Commission) imposing an EUR 124 million fine on Altice Europe NV...more
The General Court of the European Union (GC) upheld the European Commission’s (EC) decision imposing two fines on Altice Europe for gun jumping infringements related to its acquisition of PT Portugal. The GC confirmed in...more
E-commerce giant Amazon reported in its financial statements at the end of last month that the Luxembourg data protection authority had imposed on it a fine totaling EUR 746 million. The fine appears to have been laid on...more
The European Union’s (EU) General Data Protection Regulation (GDPR) has been in effect since May 2018. The law’s goal of protecting EU citizens’ personal information and privacy seems to be coming into fruition. In the past,...more
Das Landgericht Bonn hat am 11. November 2020 erstmals in einem Bußgeldverfahren ein Urteil erlassen: „Die 9. Kammer für Bußgeldsachen des Landgerichts Bonn hat heute entschieden, dass das Bußgeld, welches der...more
In early October, the Data Protection Authority in Hamburg, Germany announced that the clothing retailer H&M committed severe violations of its employees’ privacy. Because of these European General Data Protection Regulations...more
The CNIL has imposed a €250,000 fine on an online retailer for GDPR infringements in cooperation with other EU supervisory authorities. Founded in 2006 and headquartered in France, Spartoo SAS (Spartoo) is one of the...more
The Council decision contains useful considerations and clarifications on the “one-stop shop” mechanism, transparency obligations, and consent for targeted advertising. On 19 June 2020, France’s Highest Administrative...more
On January 21, 2019, the CNIL (the French data protection authority) issued a fine of €50 million to Google under the General Data Protection Regulation (the “GDPR”) for its failure to (1) provide notice in an easily...more
Der Bundesgerichtshof (BGH) hat dem Europäischen Gerichtshof (EuGH) die Frage zur Entscheidung vorgelegt, inwieweit Verbraucherschutzverbände berechtigt sind, Datenschutzverstöße geltend zu machen. Die Antwort auf diese Frage...more