The Data Protection Commission has imposed an administrative fine of €450,000 on Twitter. The draft decision in this inquiry, having been submitted to other Concerned Supervisory Authorities under Article 60 of the GDPR in May of this year, was the first one to go through the Article 65 (“dispute resolution”) process since the introduction of the GDPR and was the first Draft Decision in a “big tech” case on which all EU supervisory authorities were consulted as Concerned Supervisory Authorities.
On December 7, 2020, the CNIL fined Google LLC and Google Ireland Limited with a total fine of 100 million euros, in particular for deploying advertising cookies on the google.fr visitors’ devices without prior consent and for not meeting transparency requirements.
The CNIL has fined Amazon Europe Core 35 million euros for placing advertising cookies on users' computers on the amazon.fr site without prior consent and for not informing them about cookies properly.
The Department of Justice has announced a settlement in which DISH Network LLC will pay $126 million in civil penalties to the United States in violation of the Federal Trade Commission's Telemarketing Sales Rule and $84 million to four states for violations of the Telephone Consumer Protection Act, for a total settlement of $210 million.
The Information Commissioner's Office found that the company failed to put appropriate security measures in place to prevent a cyber-attack on a chat-bot installed on its online payment page. Ticketmaster’s failure to protect customer information is a breach of the General Data Protection Regulation (GDPR).
The Hamburg Commissioner for Data Protection and Freedom of Information (HmbBfDI) has issued a fine of 35,258,707.95 Euros against H&M Hennes & Mauritz Online Shop A.B. & Co KG. The company is registered in Hamburg and operates a service center in Nuremberg.
The U.S. Department of Health and Human Services has announce that Premera Blue Cross had agreed to pay $6.85 million to the Office for Civil Rights at the HHS and to implement a corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act Privacy and Security Rules related to a breach affecting over 10.4 million people.
The Office of the Comptroller (OCC) has issued an $80 million civil penalty against Capital One, N.A., and Capital One Bank (USA), N.A. and mandated them to strengthen their compliance programme by appointing a compliance committee and developing comprehensive action plan to comply with the order. This decision is the result of failing to establish effective risk assessment processes prior to migrating significant information technology operations to the public cloud environment and the bank's failure to correct the deficiencies in a timely manner. In taking this action, the OCC positively considered the bank's customer notification and remediation efforts
Subscribe to our newsletter to stay on top of the most relevant news from the privacy world. We might personalize the newsletter based on your interests. Occasionally, these emails may contain commercial offers from us. You may unsubscribe by clicking on the unsubscribe link at the bottom of the marketing email or by writing to us.