Wait, that’s covered? Insurability of Fines and Penalties Flowing From a Cybersecurity Breach
FCPA Compliance and Ethics Report-Episode 31-the FCPA Year in Review, Corporate Enforcement Actions
FCPA Compliance and Ethics Report-Episode 30-Interview with the FCPA Professor-Part 2
Condo complaints not in writing?
Health Data on Leased Photocopier Costs Company $1.2m—What Others Can Learn
X Agrees to Stop Processing EU Data to Train its Grok AI - Ireland’s Data Protection Commission (“DPC”) recently filed an urgent High Court application against X (formerly Twitter) for using the personal data of European...more
On 26 August the Dutch Data Protection Authority (DPA) fined Uber EUR 290 million for a breach of the General Data Protection Regulation (GDPR). Following a number of complaints from French Uber drivers, the DPA found that...more
Der datenschutzrechtliche Auskunftsanspruch gem. Art. 15 Abs. 1 DSGVO beschäftigt Unternehmen auf vielfältige Art und Weise. Zuletzt hatten die europäischen Datenschutzaufsichtsbehörden diesbezüglich eine koordinierte...more
Warum ist das relevant? Bei Verstößen gegen das Datenschutzrecht drohen Unternehmen insbesondere zwei Konsequenzen: Maßnahmen der Datenschutzaufsichtsbehörden inkl. möglicher DSGVO-Geldbußen nach Art. 83 DSGVO sowie...more
Die europäischen Datenschutzbehörden haben eine koordinierte Prüfaktion mit Fokus auf das Auskunftsrecht gem. Art. 15 DSGVO gestartet. Dabei handelt es sich um eines der in der Praxis bedeutsamsten Datenschutzrechte, gerade...more
Following the European Court of Justice’s (“ECJ”) landmark judgement of 5 December 2023 (case no. C-807/21), the Higher Regional Court of Berlin specified the requirements for GDPR fine notices issued by data protection...more
Warum ist das relevant? Die bisherige deutsche Rechtslage ging davon aus, dass die bloße Feststellung eines Datenschutzverstoßes durch ein Unternehmen für die Verhängung einer Geldbuße nicht ausreichend war. Vielmehr musste...more
The European Data Protection Board (EDPB) published the final version of the Guidelines on the calculation of administrative fines under the GDPR (Guidelines) on 7 June 2023. The Guidelines aim to harmonize the approach to...more
Meta Ireland (Meta) has recently been issued with two fines by the Irish Data Protection Commission (DPC) for breaches of the EU General Data Protection Regulation (GDPR) relating to advertisements run on its Facebook and...more
Pelosi Statement Dims the Lights on ADPPA - The prospects for the nation’s first comprehensive data privacy law, the American Data Privacy and Protection Act (the “ADPPA” or the “Bill”), dimmed after House Speaker Nancy...more
On May 12, 2022, the European Data Protection Board (EDPB) published its long-awaited Guidelines 04/2022 on the calculation of fines under the General Data Protection Regulation (GDPR). After many data protection authorities...more
Following Germany's initial attempt last year to implement the EU Whistleblower Directive (Directive (EU) 2019/1937), aimed at ensuring harmonized and improved protection of whistleblowers throughout Europe, the Federal...more
On February 2, 2022, the Belgian Data Protection Authority (“DPA”) issued a decision finding that the Interactive Advertising Bureau ("IAB”) Europe’s Transparency and Consent Framework (“TCF”) violates key provisions of the...more
On September 2, 2021, EU regulators fined Facebook-owned chat service, WhatsApp, £225 million (around $266 million) for failing to fully disclose its user data collection and sharing practices. This is the second largest fine...more
Amazon’s financial records have revealed that the Luxembourg data protection supervisory authority, the Commission Nationale pour la Protection des Données (“CNPD”), is fining the retailer’s European arm (Amazon Europe Core...more
On 21 April 2021, the European Commission unveiled a proposal for an EU Artificial Intelligence Regulation (“Proposal”). The Proposal recognizes that AI offers significant benefits and opportunities for the EU market, but...more
The Spanish Data Protection Agency (“Spanish DPA”) decided to start 2021 the same way it ended 2020: by imposing the highest fines to date (EUR 5,000,000 and 6,000,000) to two large Spanish financial entities. ...more
Germany has seen a couple of record GDPR fines since the German Data Protection Authorities (DPA) issued their guidance paper on how to measure GDPR fines in October 2019. One of these DPA sanctions was recently subject to...more
At £20 million, the fine imposed on British Airways (BA) for its infringement of the General Data Protection Regulation is the biggest fine of its kind in the history of the U.K.’s Information Commissioner’s Office (ICO)....more
As announced by a press release dated 1 October 2020, the Hamburg Commissioner for Data Protection and Freedom of Information (HmbBfDI) has issued a fine of €35,258,707.95 (approx. US$41.2 million) against H&M Hennes &...more
Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? New legislation has been passed....more
Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? New legislation has been passed replacing the main pre-GDPR legislation...more