Your Front Page For Information Governance News
Analysis and Commentary about Global Data Protection Laws, Including GDPR, FOI, Cyber Security and Surveillance
Last week a Tribunal overturned a GDPR Enforcement Notice and a Monetary Penalty Notice issued to Clearview AI, an American facial recognition company. In Clearview AI Inc v The Information Commissioner [2023] UKFTT 00819 (GRC), the First-Tier Tribunal (Information Rights) ruled that the Information Commissioner had no jurisdiction to issue either notice, on the basis … Continue reading “Clearview AI Wins Appeal Against GDPR Fine “
Personal data transfers between the EU and US is an ongoing legal and political saga. The latest development is yesterday’s largest ever GDPR fine of €1.2bn (£1bn) issued by Ireland’s Data Protection Commission (DPC) to Facebook’s owner, Meta Ireland. The DPC ruled that Meta infringed Article 46 of the EU GDPR in the way it … Continue reading “International Transfers Breach Results in Record GDPR Fine for Meta”
On 10th April 2023, the Information Commissioner’s Office (ICO) fined Join The Triboo Limited £130,000 for sending 107 million spam emails targeting jobseekers. The an online recruitment firm was found to have breached the Privacy and Electronic Communications Regulations (PECR) by sending unsolicited emails to individuals without their consent. The PECR is a set of … Continue reading “Online Recruitment Firm Receives £130,000 PECR Fine”
In recent months, TikTok has been accused of aggressive data harvesting and poor security issues. A number of governments have now taken a view that the video sharing platform represents an unacceptable risk that enables Chinese government surveillance. In March, UK government ministers were banned from using the TikTok app on their work phones. The United States, Canada, Belgium and … Continue reading “The TikTok GDPR Fine”
On 4th January 2023, Ireland’s Data Protection Commission (DPC) announced the conclusion of two inquiries into the data processing operations of Meta Platforms Ireland Limited (“Meta Ireland”) in connection with the delivery of its Facebook and Instagram services. Not only does this decision significantly limit Meta’s ability to gather information from its users to tailor and … Continue reading “Mega GDPR Fines for Meta”
This month the UK Information Commissioner’s Office has issued two fines and one Notice of Intent under GDPR. The latest fine is three times more than that imposed on Easylife Ltd on 5th October. Yesterday, Interserve Group Ltd was fined £4.4 million for failing to keep personal information of its staff secure. The ICO found that … Continue reading “£4.4 Million GDPR Fine for Construction Company “
On 5th October, the Information Commissioner’s Office (ICO) issued a GDPR Monetary Penalty Notice in the sum of £1,350,000 to Easylife Ltd. The catalogue retailer was found to have been using 145,400 customers personal data to predict their medical condition and then, without their consent, targeting them with health-related products. This latest ICO fine is interesting but not because of the amount involved. … Continue reading “£1.35 Million GDPR Fine for Catalogue Retailer”
On 26 September 2022, TikTok was issued with a Notice of Intent under the GDPR by the Information Commissioner’s Office (ICO). The video-sharing platform faces a £27 million fine after an ICO investigation found that the company may have breached UK data protection law. The notice sets out the ICO’s provisional view that TikTok breached … Continue reading “TikTok Faces a £27 Million GDPR Fine”
Since May 25th 2018, the Information Commissioner’s Office (ICO) has issued ten GDPR fines. The latest was issued on 30th June 2022 to Tavistock and Portman NHS Foundation Trust for £78,400. The Trust had accidentally revealing 1,781 adult gender identity patients’ email addresses when sending out an email. This is the second ICO fine issued to a Data Controller in these circumstances. In … Continue reading “A New GDPR Fine and a New ICO Enforcement Approach”
The Information Commissioner’s Office has issued a Monetary Penalty Notice of £7,552,800 to Clearview AI Inc for breaches of the UK GDPR. Clearview is a US based company which describes itself as the “World’s Largest Facial Network”. It allows customers, including the police, to upload an image of a person to its app, which is then … Continue reading “ICO Fines “World’s Largest Facial Network””
