Andreea Lisievici

IAPP Organizational Digital Governance Report 2024

IAPP Organizational Digital Governance Report 2024

Governance, IAPP |

The “Organizational Digital Governance Report 2024” by IAPP explores how businesses are addressing the challenges brought on by digital technologies and increasing regulatory complexity. Digital governance now encompasses privacy, AI, cybersecurity, and more, demanding a coordinated approach. The report is based on interviews with over 20 senior leaders from major tech-driven firms and highlights several […]

IAPP Organizational Digital Governance Report 2024 Read More »

Norwegian University Fined for Weak Access Controls in Microsoft Teams

Norwegian University Fined for Weak Access Controls in Microsoft Teams

Enforcement, GDPR |

On 4 September 2024, the Norwegian Data Protection Authority imposed a fine of NOK 150,000 on the University of Agder (UiA) following a six-year-long breach of personal data security. UiA had been storing sensitive personal data in open Microsoft Teams folders without proper access controls, making this information available to unauthorized employees and students. Scope

Norwegian University Fined for Weak Access Controls in Microsoft Teams Read More »

Dutch DPA Fines Clearview AI for Illegal Facial Recognition

Dutch DPA Fines Clearview AI for Illegal Facial Recognition

Enforcement, GDPR |

  On 16 May 2024, the Dutch Data Protection Authority (AP) imposed a fine of €30.5 million on Clearview AI, a U.S. company that offers facial recognition services. Clearview built a vast database of over 30 billion images, scraped from publicly accessible online sources, and converted these into biometric data. This practice violates the GDPR

Dutch DPA Fines Clearview AI for Illegal Facial Recognition Read More »

ECtHR Finds Privacy Violation in Monitoring of Legal Documents Exchanged between Prisoners and Lawyers

ECtHR Finds Privacy Violation in Monitoring of Legal Documents Exchanged between Prisoners and Lawyers

ECHR |

On 3 September 2024, the European Court of Human Rights (ECtHR) delivered its judgment in Hallaçoğlu v. Türkiye (Application no. 24514/19), addressing a privacy violation involving the monitoring of confidential communications between a prisoner and his lawyer. The case centered on Ruhi Hallaçoğlu, who was detained following the 2016 coup attempt for alleged membership in

ECtHR Finds Privacy Violation in Monitoring of Legal Documents Exchanged between Prisoners and Lawyers Read More »

wedish DPA Fines Apoteket and Apohem for Meta Pixel Misuse

Swedish DPA Fines Apoteket and Apohem for Meta Pixel Misuse

Enforcement, IMY |

On 29 August 2024, the Swedish Privacy Protection Authority (IMY) issued two fines against major pharmacy companies, Apoteket AB and Apohem AB, for violations of Article 32 of the GDPR. Both cases involved the misuse of Meta’s analytics tool, Meta Pixel, which led to the unintentional transfer of sensitive customer data to Meta Platforms Ireland.

Swedish DPA Fines Apoteket and Apohem for Meta Pixel Misuse Read More »

Scroll to Top