Enforcement

Norwegian University Fined for Weak Access Controls in Microsoft Teams

Norwegian University Fined for Weak Access Controls in Microsoft Teams

On 4 September 2024, the Norwegian Data Protection Authority imposed a fine of NOK 150,000 on the University of Agder (UiA) following a six-year-long breach of personal data security. UiA had been storing sensitive personal data in open Microsoft Teams folders without proper access controls, making this information available to unauthorized employees and students. Scope […]

Norwegian University Fined for Weak Access Controls in Microsoft Teams Read More »

Dutch DPA Fines Clearview AI for Illegal Facial Recognition

Dutch DPA Fines Clearview AI for Illegal Facial Recognition

  On 16 May 2024, the Dutch Data Protection Authority (AP) imposed a fine of €30.5 million on Clearview AI, a U.S. company that offers facial recognition services. Clearview built a vast database of over 30 billion images, scraped from publicly accessible online sources, and converted these into biometric data. This practice violates the GDPR

Dutch DPA Fines Clearview AI for Illegal Facial Recognition Read More »

wedish DPA Fines Apoteket and Apohem for Meta Pixel Misuse

Swedish DPA Fines Apoteket and Apohem for Meta Pixel Misuse

On 29 August 2024, the Swedish Privacy Protection Authority (IMY) issued two fines against major pharmacy companies, Apoteket AB and Apohem AB, for violations of Article 32 of the GDPR. Both cases involved the misuse of Meta’s analytics tool, Meta Pixel, which led to the unintentional transfer of sensitive customer data to Meta Platforms Ireland.

Swedish DPA Fines Apoteket and Apohem for Meta Pixel Misuse Read More »

Dutch DPA Fines Uber €290 Million Over Data Transfers

On 26 August 2024 the Dutch Data Protection Authority (DPA) announced that it had imposed a €290 million fine on Uber Technologies Inc. and its Dutch subsidiary, Uber B.V., for violating Article 44 of the General Data Protection Regulation (GDPR). The penalty was a result of Uber’s failure to ensure appropriate data transfer mechanisms for

Dutch DPA Fines Uber €290 Million Over Data Transfers Read More »

US Senators Urge FTC Crackdown on Automakers’ Data Sharing

On July 26, 2024, U.S. Senators Ron Wyden and Edward J. Markey called on the FTC to investigate automakers’ unauthorized sharing of driver data with data brokers. Wyden’s investigation revealed that GM, Honda, and Hyundai shared driving and location data with Verisk Analytics without drivers’ informed consent. Hyundai received over $1 million from Verisk for data from 1.7 million cars, while Honda and GM also engaged in similar practices. The senators condemned these actions, urging the FTC to hold automakers and data brokers accountable for privacy violations and deceptive practices.

US Senators Urge FTC Crackdown on Automakers’ Data Sharing Read More »

Scroll to Top