On June 19, 2020, France’s Highest Administrative Court upheld the French Data Protection Authority’s decision, whereby the CNIL imposed a fine of 50 million euros on Google under the EU General Data Protection Regulation.
Continue Reading French Highest Administrative Court Upholds 50 Million Euro Fine against Google for Alleged GDPR Violations

On May 19, 2020, the Belgian Data Protection Authority announced that the Litigation Chamber had imposed a €50,000 fine on a social media provider for unlawful processing of personal data in connection with the “invite-a-friend” function offered on its platform.
Continue Reading Belgian DPA Sanctions Social Media Company for Unlawful Processing of Personal Data in Connection with “Invite-a-Friend” Function

On April 28, 2020, the Litigation Chamber of the Belgian Data Protection Authority imposed a €50,000 fine on a company for non-compliance with the requirements under the General Data Protection Regulation related to the appointment of a data protection officer.
Continue Reading Belgian DPA Sanctions Company for Non-Compliance with the GDPR’s DPO Requirements

On March 3, 2020, the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, the “Dutch DPA”) announced that it had imposed a €525,000 fine on the Royal Dutch Tennis Association (De Koninklijke Nederlandse Lawn Tennisbond, “KNLTB”) for an illegal sale of personal data.
Continue Reading Dutch DPA Fines Royal Dutch Tennis Association 525,000 Euros For Illegal Data Sale

On March 4, 2020, the UK Information Commissioner’s Office fined the international airline Cathay Pacific Airways Limited GBP 500,000 for failing to protect the security of its customers’ personal data. The fine was issued under the Data Protection Act 1998 and represents the maximum fine available under the DPA.
Continue Reading ICO Fines International Airline Cathay Pacific GBP 500,000 (Maximum Available) for Failing to Secure Customers’ Personal Data