News about GDPR and data2.eu
On this page we will inform you about news items that are related to the GDPR, and about our GDPR tool for creating a processing index that is needed to comply with the GDPR.
The use of Google Analytics may soon no longer be permitted because it does not comply with the European privacy legislation GDPR.
The Dutch Personal Data Authority (Autoriteit Persoonsgegevens) has fined a Dutch company 15,000 euros for processing health data of sick employees and not securing it properly.
Accommodation booking website Booking.com has been fined €475,000 by the Dutch Authority for Personal Data (Autoriteit Persoonsgegevens) for reporting a data breach too late.
The number of hacks reported to the Dutch Authority for the Protection of Personal Data (Autoriteit Persoonsgegevens) in which personal data was stolen increased by 30% in 2020 compared to 2019.
The French privacy authority Commission nationale de l'informatique et des libertés (CNIL) has fined Google EUR 100 million and Amazon 35 million for placing cookies without permission.
Last July the Privacy Shield agreement between the United States, Switzerland and the European Union has been rejected by the European Court of Justice. The highest court of the European Union in matters of Union law rejected it because of concerns about U.S. surveillance.
The Privacy Shield does not comply with the GDPR. The trans-Atlantic agreement, which regulates the protection of personal data of EU citizens processed in the US, has been annulled by the European Court of Justice.
With the GDPRHub, noyb has published a database that offers summaries of GDPR-decisions from all over Europe in the form of a wiki.
Collecting data on Facebook has always been criticized by privacy advocates. Now there is a court ruling that takes operators of Facebook fanpages in obligation.
The number of privacy complaints submitted to the Authority for Personal Data (AP) continues to rise sharply. According to the AP, more than 15,000 people filed a complaint in the first half of 2019, compared to approximately 9,000 in the second half of 2018.
After the great hype and the tension surrounding the General Data Protection Regulation in spring 2018 and the relatively quiet summer that followed, our personal experience is that still many organizations haven't finished compliance with GDPR. The processing index, an internal documentation requirement, is usually not yet implemented.
The Dutch bank Theodoor Gilissen Bankiers has paid a fine of €48,000 to the Dutch Personal Data Authorities for non-compliance with the right to access one's own personal data.
Page 1 of 3