Breaching the GDPR

Data Protector

GDPR 156

Revise the GDPR

Data Protector

GDPR 156
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Twitter Fined $547,000 Under GDPR for 2018 Data Breach

Data Breach Today

Ireland's Data Protection Commission Tuesday hit social media giant Twitter with a $547,000 fine for failing to report and document a data breach within 72 hours, as required under GDPR Penalty Marks First Time US Tech Firm Penalized Under EU's Privacy Regulation For the first time, a U.S.

Marriott Hit With $24 Million GDPR Privacy Fine Over Breach

Data Breach Today

Privacy Regulator in UK Cautions Organizations to Conduct Thorough Due Diligence Hotel giant Marriott has been hit with the second largest privacy fine in British history, after it failed to contain a massive, long-running data breach. But the final fine of $23.8

GDPR 277

GDPR: Data Breach Notification 101

Data Breach Today

Brian Honan of BH Consulting on When to Notify - or Not Since the EU's new GDPR privacy law came into effect in May 2018, one challenge for organizations that suffer a breach is knowing whether or not they must report it to authorities, says Brian Honan, president and CEO of BH Consulting in Dublin

Is GDPR Compliance Tougher Than HIPAA Compliance?

Data Breach Today

Analysts: GDPR Case in Portugal Offers Lessons for U.S. Healthcare Entities An EU General Data Protection Regulation enforcement action against a hospital in Portugal demonstrates complying with GDPR may be even tougher than complying with HIPAA. Regulatory experts analyze the implications of the case

British Airways' GDPR Fine Dramatically Reduced

Data Breach Today

Fined $26 Million in Connection With 2018 Breach Britain's Information Commissioner's Office announced this week a dramatic reduction in its fine against British Airways for violating the EU's General Data Protection Regulation.

GDPR 179

Google Will Appeal Latest GDPR Fine

Data Breach Today

Sweden's Privacy Watchdog Hits Company With $8 Million Penalty Google will appeal the latest GDPR fine levied against the company. The Swedish Data Protection Authority fined the company nearly $8 million for failure to remove search results related to "right-to-be-forgotten" requests

GDPR 167

Analysis: The Significance of GDPR Fines

Data Breach Today

The latest edition of the ISMG Security Report analyzes the significance of fines against British Airways and Marriott for violations of the EU's GDPR. Also featured are discussions of California's privacy law as a model for other states and the next generation of deception technologies

GDPR 200

Cisco Studies Global Impact of GDPR

Data Breach Today

Cisco is out with findings from its 2019 Data Privacy Benchmark Study, which shows the impact of GDPR compliance as well as how customers are asking more questions about how their data is secured. Cisco Chief Privacy Officer Michelle Dennedy analyzes the survey

GDPR 212

Big GDPR Fines in UK and Ireland: What's the Holdup?

Data Breach Today

and Ireland each issued only one final GDPR fine to date Both Countries Have Each Issued Only a Single, Finalized Fine Under EU's Privacy Law The EU's General Data Protection Regulation was meant to finally bring in line organizations that didn't treat Europeans' personal data with respect. But two years after the regulation went into full effect, why have both the U.K.

GDPR 187

GDPR Two Years On: Compliance Lessons Learned

Data Breach Today

Attorneys Discuss Gaps That Still Need To Be Addressed Now that it's been two years since enforcement of the European Union's General Data Protection Regulation began, three attorneys - Kelsey Finch, Jonathan Armstrong and David Dumont - reflect on the lessons learned so far and the compliance gaps that still need to be addressed.

GDPR Compliance Used as Phishing Lure

Data Breach Today

Campaign Designed to Steal Credentials A recently uncovered phishing campaign used the European Union's General Data Protection Regulation as a lure to steal login credentials. The campaign enticed victims with subject lines indicating their email security system was not in compliance with the law, according to Area 1 Security

Under GDPR, UK Data Breach Reports Quadruple

Data Breach Today

After Privacy Law Went Into Full Effect, Data Security Complaints Doubled One year after Europe's tough new GDPR privacy law went into full effect last May, authorities in Britain have seen the number of annual data breach notifications more than quadruple.

Marriott Mega-Breach: Will GDPR Apply?

Data Breach Today

With GDPR in full effect since May, organizations with data security practices face the potential of massive fines Legal Experts Suspect So, But Investigation Could Take a Year or More Will Marriott be the first organization that lost control of Europeans' personal data to feel the full force of the EU's General Protection Regulation?

GDPR 196

Marriott and BA's Reduced Privacy Fines: GDPR Realpolitik

Data Breach Today

Final Fines Set Precedent, Avoid Court Cases, Likely Reflect EU Penalty Benchmarks Large, recently levied privacy fines against the likes of British Airways, H&M and Marriott show regulators continuing to bring the EU's General Data Protection Regulation to bear after businesses get breached.

GDPR 197

Europe Catches GDPR Breach-Notification Fever

Data Breach Today

Privacy Law is Fast Revealing the True Extent of Data Breaches Across UK and EU Less than four months after GDPR went into enforcement, Europe has arguably entered the modern data breach era. Reports of data breaches continue to increase and breached organizations now face the specter of class-action lawsuits over material as well as non-material damages

GDPR 187

Using Strategic Data Governance to Manage GDPR/CCPA Complexity

erwin

for alleged violations of the European Union’s General Data Protection Regulation (GDPR). While not the first , it is the largest penalty levied since the GDPR went into effect in May 2018. cautions: “European regulators could accelerate the crackdown on GDPR violators, which in turn could accelerate demand for GDPR readiness. With all the advance notice and significant chatter for GDPR/CCPA, why aren’t organizations more prepared to deal with data regulations?

GDPR 83

GDPR: Europe Counts 65,000 Data Breach Notifications So Far

Data Breach Today

Privacy regulators have also imposed at least $63 million in GDPR fines $63 Million in Fines Imposed Since Privacy Law Went Into Full Effect European privacy authorities have received nearly 65,000 data breach notifications since the EU's General Data Protection Regulation went into full effect in May 2018.

The Reasons Behind Google's GDPR Fine

Data Breach Today

The latest edition of the ISMG Security Report features an analysis of why Google was one of the first companies to be hit with a major GDPR fine, plus a global update on GDPR compliance trends and an in-depth report on shifts in malware

GDPR 145

Auditing your GDPR practices

IT Governance

Follow our advice to make sure your organisation is GDPR-compliant and avoids disciplinary action. After a relatively quiet few months, the EU GDPR (General Data Protection Regulation) is back in the news. They got their answer last week, when German chat app Knuddels became the first organisation to receive a substantial penalty under the GDPR. Our GDPR Audit Service includes everything you need to review your compliance posture. EU GDPR GDPR

GDPR 65

GDPR: Is Australia Ready?

Data Breach Today

With Europe's GDPR enforcement set to take effect on May 25, Australian organizations vary in readiness. Steve Ingram of PwC says it's not too late for companies to prepare for GDPR, but it will be too late to ask regulators for forgiveness if something goes wrong

GDPR 100

GDPR: Still Plenty of Lessons to Learn

Data Breach Today

RSA Conference Panel: Organizations Worldwide Face Long List of Challenges Nearly 10 months after the beginning of enforcement of the EU's GDPR privacy regulation, organizations around the world are still learning plenty of compliance lessons - including how to locate all personal data so it can be protected, according to regulatory experts on a panel at RSA Conference 2019

GDPR 154

Why Isn't GDPR Being Enforced?

Schneier on Security

Politico has a long article making the case that the lead GDPR regulator, Ireland, has too cozy a relationship with Silicon Valley tech companies to effectively regulate their privacy practices. cybersecurity gdpr ireland loopholes nationalsecuritypolicy

GDPR 82

Data Breach Reports in Europe Under GDPR Exceed 59,000

Data Breach Today

Netherlands, Germany and UK Have Logged the Most Data Breach Reports Since the EU's GDPR went into full effect, European data protection authorities have received over 59,000 data breach reports, with the Netherlands, Germany and the U.K. receiving the greatest number of notifications, according to the law firm DLA Piper

Germany: No GDPR damages after data breach

DLA Piper Privacy Matters

In contrast to personal injury claims where lawyers have (hundreds of) years of case law to call upon to help calculate compensation, there is comparatively little case law considering how compensation will be calculated for distress when personal data are processed in breach of GDPR. 12 GDPR.

GDPR and COVID-19: Privacy Regulator Promises 'Flexibility'

Data Breach Today

While Breach Notification Rules Still Apply, Expect Lower Fines As the COVID-19 pandemic continues, Britain's privacy watchdog has signaled that although privacy rights and transparency - as enshrined under GDPR - remain paramount, it will take a more "flexible" regulatory approach.

GDPR 107

Kickstart your GDPR program

OpenText Information Management

The role of Data Discovery in General Data Protection Regulation (GDPR) compliance is the essential first step to building a successful GDPR program, but it’s one that many companies are struggling to take. Companies are faced with terabytes or petabytes of data spread throughout their organization – and beyond – and don’t clearly know what … The post Kickstart your GDPR program appeared first on OpenText Blogs.

GDPR 59

ITALY: First GDPR fine issued!

DLA Piper Privacy Matters

The first GDPR fine was issued in Italy by the Garante for the lack of implementation of privacy security measures following a data breach on the so-called Rousseau platform operating the websites of the Movimento 5 Stelle party. The first GDPR fine issued in Italy. Uncategorized GDPR Italy Privacy

GDPR 81

GDPR Compliance: Common Misconceptions

Data Breach Today

Attorney Elizabeth Harding clears up confusion about certain provisions of the EU's General Data Protection Regulation, including the issue of when organizations need to obtain a European consumer's consent to process their data

GDPR: $126 Million in Fines and Counting

Data Breach Today

More than 160,000 Data Breaches Reported to EU Regulators, DLA Piper Finds Since the EU's General Data Protection Regulation went into full effect in May 2018, European data protection authorities have received more than 160,900 data breach reports and imposed $126 million in fines under GDPR for a wide variety of infringements, not all involving data breaches

GDPR 113

Exploiting GDPR to Get Private Information

Schneier on Security

A researcher abused the GDPR to get information on his fiancee: It is one of the first tests of its kind to exploit the EU's General Data Protection Regulation (GDPR) , which came into force in May 2018. But the kind of mid-sized businesses that knew about GDPR, but maybe didn't have much of a specialised process [to handle requests], failed.". cybersecurity gdpr privacy

GDPR 85

How to comply with GDPR

Collibra

Like it or not, the General Data Protection Regulation (GDPR) is here to stay. Many companies have hired in-house teams to take on the task of how to comply with the GDPR. In most cases, the in-house GDPR compliance teams deliver spreadsheet files to meet the regulation standards.

GDPR 56

The GDPR for the Little Guy (or Gal)

Weissman's World

What is the GDPR? The GDPR is the European Union’s General Data Protection Regulation, and as the EU’s new take on privacy protection, it took effect a month ago to much fanfare. The post The GDPR for the Little Guy (or Gal) appeared first on Holly Group. GDPR infogovOfficially, it “protects fundamental rights and freedoms of natural persons, and in particular, their right to the protection of personal data.” Note the […].

GDPR 146

Marriott Faces $125 Million GDPR Fine Over Mega-Breach

Data Breach Today

Breach Persisted 4 Years - and Through Acquisition - Before Being Discovered Britain's privacy watchdog says it plans to fine hotel giant Marriott $125 million under GDPR for security failures tied to a 2014 breach of the guest reservation database for Starwood, which Marriott acquired in 2016.

GDPR 168

GDPR for small business: the ultimate guide

IT Governance

What is the GDPR? First, the UK has implemented the UK DPA (Data Protection Act) 2018 , which adopts the GDPR into national law. Second, if you process EU residents’ personal data, the GDPR still applies. Because this information could be particularly damaging if breached, the GDPR requires that organisations take extra steps to protect it. Does the GDPR apply to small businesses? What does the GDPR mean for my business? GDPR compliance checklist.

GDPR 60

GDPR personal data explained

Collibra

The General Data Protection Regulation (GDPR), in force since May 25, 2018, requires businesses to protect the personal data and privacy of European Union (EU) citizens, for transactions that occur within EU Member States. What is personal data under GDPR?

GDPR: 8,000 Data Breach Reports Filed So Far in UK

Data Breach Today

Privacy Watchdog Counts 41 Daily Breach Reports Since GDPR Enforcement Began The U.K.'s s privacy watchdog says that six months after enforcement of the EU's General Data Protection Regulation began, it's seen a dramatic increase in data breach reports - as well as privacy complaints from the public

15 GDPR Probes in Ireland Target Facebook, Twitter, Others

Data Breach Today

Ten of the 15 major investigations that the Data Protection Commission launched since the EU's tough new privacy law, GDPR, went into full effect in May 2018 are focused on Facebook Facebook Alone the Focus of 10 Separate Regulatory Investigations by Privacy Watchdog Ireland's privacy watchdog has its eye on Facebook.

GDPR 178

GDPR Compliance Site Leaks Git Data, Passwords

Threatpost

Researchers discovered a.git folder exposing passwords and more for a website that gives advice to organizations about complying with the General Data Protection Regulation (GDPR) rules. Privacy Web Security.git directory data exposure data leak Data Privacy GDPR gdpr.eu git Passwords pen test partners