Cost of Noncompliance: More Than Just Fines
Life With GDPR: Cathay Pacific Enforcement Action
FCPA Compliance and Ethics Report-Episode 171-FCPA Enforcement in the Energy Industry
Organisations that make international transfers of personal data have undergone significant challenges and changes over the last few years. With the invalidation of the Privacy Shield agreement in 2020 and the introduction of...more
If your answer is, “to avoid fines,” that’s definitely a good reason. But it’s not the only reason. Pursuing data privacy is also the right thing to do. It builds trust. It prevents harm. The list goes on. However, for most...more
Das Landgericht Bonn hat am 11. November 2020 erstmals in einem Bußgeldverfahren ein Urteil erlassen: „Die 9. Kammer für Bußgeldsachen des Landgerichts Bonn hat heute entschieden, dass das Bußgeld, welches der...more
Below is a summary of recent developments for the Food, Beverage and Hospitality industry in terms of Internet laws and regulations. Consumer Privacy and the CCPA - In June 2018, California enacted one of the most...more
When British Airways (“BA”) suffered a significant personal data breach in September 2018, just months after the coming into force of the EU General Data Protection Regulation (“GDPR”), all eyes were on the UK’s Information...more
Der Bundesgerichtshof (BGH) hat dem Europäischen Gerichtshof (EuGH) die Frage zur Entscheidung vorgelegt, inwieweit Verbraucherschutzverbände berechtigt sind, Datenschutzverstöße geltend zu machen. Die Antwort auf diese Frage...more
Data protection violations may result in German authorities imposing significantly increased fines. The Conference of the German Data Protection Authorities (DSK) ? the joint body of the German data protection authorities...more
Following in the footsteps of the CNIL and the ICO, the Berlin DPA will impose a multimillion-euro fine for breach of the GDPR. The Berlin Data Protection Authority (Berlin DPA) recently announced that it will issue a...more
The Hellenic Data Protection Authority (HDPA) recently imposed a EUR 150,000 fine on the international consulting firm PwC for its violations of the new European data protection regulations (the General Data Protection...more
Everyone knows about the General Data Protection Regulation (GDPR). The GDPR is the EU’s new privacy regime in the region. Over a year has passed since its implementation and organizations are discovering how strict EU...more
NIL, the French data privacy regulator, issued a 400,000 euro ($448,358) fine against a company for GDPR violations stemming from sensitive information collected on its website. Investigating a complaint, CNIL discovered that...more
The UK Supervisory Authority (the ICO) has had a headline-busting month. On July 9, 2019, the ICO announced its intention to fine Marriott International more than £99 million under the GDPR (General Data Protection...more
On July 8, 2019, the UK Information Commissioner’s Office (ICO) announced its intention to fine British Airways GBP 183.39 million over a data breach in which the personal data of approximately 500,000 customers was...more
GDPR fines are seemingly like buses, you wait over a year for enforcement action by the UK’s data supervisory authority, the ICO, and then two come along at once – and with quite dramatic effect. The ICO has stretched its...more
Last week on July 9, 2019, the United Kingdom’s Information Commission Office (ICO) announced its intention to fine Marriott International £99.3 million (about $124 million), or 2.5% of Marriott’s worldwide annual revenue, in...more
Key Takeaways - - The proposed £183 million and £99.2 million fines against British Airways and Marriott, respectively, by the UK’s ICO emphasise: - The need for companies to maintain appropriate data protection practices...more
The ICO issued notices of intent to fine British Airways and Marriott. What happened? On 8 July 2019, the UK Information Commissioner’s Office (ICO) announced a notice of intent to fine British Airways £183.39 million (about...more
Germany’s first GDPR fine offers lesson for companies planning a data breach policy. In November 2018, Germany’s first fine under the General Data Protection Regulation (GDPR) was imposed — and it was much lower than many...more
Cathay Pacific, the Hong Kong airline, is the latest airline to face a cyber-attack; in this case, one that has resulted in the theft of personal data of up to 9.4 million passengers. The hackers gained "unauthorised access"...more
In 2015, Anthem, Inc. was subject to the largest U.S. health data breach in history, exposing the protected health information (PHI) of nearly 79 million people. The cyber-attackers accessed Anthem’s system through “spear...more
After much anticipation, the General Data Protection Regulation (GDPR) finally went into effect on May 25, 2018. For employers, that means some enhanced employee rights, and the risk of significant penalties for...more
What is the GDPR? The European General Data Protection Regulation (GDPR) is a new law going into effect on May 25, 2018 that grants European residents broad, never-before-recognized data privacy rights, and imposes...more
The United States Federal Trade Commission ("FTC") strikes again. In the action by the FTC involving the cybersecurity breach of Toronto-based AshleyMadison.com (operated by Ruby Corp. and hereafter referred to as "Ashley...more
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) recently announced a $750,000 fine and resolution agreement, including a Corrective Action Plan (CAP), for Cancer Care Group, P.C. (CCG), a...more