GDPR

Norwegian University Fined for Weak Access Controls in Microsoft Teams

Norwegian University Fined for Weak Access Controls in Microsoft Teams

On 4 September 2024, the Norwegian Data Protection Authority imposed a fine of NOK 150,000 on the University of Agder (UiA) following a six-year-long breach of personal data security. UiA had been storing sensitive personal data in open Microsoft Teams folders without proper access controls, making this information available to unauthorized employees and students. Scope […]

Norwegian University Fined for Weak Access Controls in Microsoft Teams Read More »

Dutch DPA Fines Clearview AI for Illegal Facial Recognition

Dutch DPA Fines Clearview AI for Illegal Facial Recognition

  On 16 May 2024, the Dutch Data Protection Authority (AP) imposed a fine of €30.5 million on Clearview AI, a U.S. company that offers facial recognition services. Clearview built a vast database of over 30 billion images, scraped from publicly accessible online sources, and converted these into biometric data. This practice violates the GDPR

Dutch DPA Fines Clearview AI for Illegal Facial Recognition Read More »

Dutch DPA Fines Uber €290 Million Over Data Transfers

On 26 August 2024 the Dutch Data Protection Authority (DPA) announced that it had imposed a €290 million fine on Uber Technologies Inc. and its Dutch subsidiary, Uber B.V., for violating Article 44 of the General Data Protection Regulation (GDPR). The penalty was a result of Uber’s failure to ensure appropriate data transfer mechanisms for

Dutch DPA Fines Uber €290 Million Over Data Transfers Read More »

noyb Sues Hamburg DPA over “Pay or OK” in Der Spiegel

noyb has filed a lawsuit against the Hamburg Data Protection Authority (DPA) after it approved the controversial ‘Pay or OK’ system used by DER SPIEGEL, which forces users to choose between consenting to data tracking or paying for a subscription. The Hamburg DPA’s decision, which took nearly three years, has been criticized for lack of impartiality, as the complainant was not consulted and critical facts were ignored.

noyb Sues Hamburg DPA over “Pay or OK” in Der Spiegel Read More »

Second GDPR Report Highlights Progress and Challenges

The European Commission released its second report on the application of the General Data Protection Regulation (GDPR). Since the first report in 2020, the GDPR has significantly impacted individuals and businesses, with the EU introducing numerous initiatives to enhance digital transformation. The report highlights key achievements, including increased enforcement activities and cooperation among data protection authorities. However, it also identifies areas needing improvement, such as supporting SMEs, providing clearer guidance, and achieving consistent GDPR enforcement across the EU. Significant enforcement actions have led to fines totaling around EUR 4.2 billion.

Second GDPR Report Highlights Progress and Challenges Read More »

Scroll to Top