On August 5, 2020, the French Data Protection Authority announced that it has levied a fine of €250,000 on a French online shoe retailer for various infringements of the GDPR. This is the first penalty under the GDPR enforced by the CNIL as the lead supervisory authority in cooperation with other EU supervisory authorities.
Continue Reading CNIL Adopts Its First Sanction as Lead Supervisory Authority, Fining French Online Shoe Retailer

On August 10, 2020, European Commissioner for Justice Didier Reynders and U.S. Secretary of Commerce Wilbur Ross released a joint press statement following the ruling of the Court of Justice of the European Union in the Schrems II case.
Continue Reading European Commission and U.S. Department of Commerce to Discuss Enhanced EU-U.S. Privacy Shield Framework

On July 30, 2020, the Litigation Chamber of the Belgian Data Protection Authority (the “Belgian DPA”) imposed a €20,000 fine on Belgian telecommunications provider Proximus N.V. (“Proximus”) for several data protection infringements related to Proximus’ public directory. In particular, the claimant requested that Proximus remove his contact details from the public directory and inform other publishers of public directories not to publish his personal data. Despite informing the claimant that it was going to proceed accordingly, Proximus still published his personal data in its public directory and shared it with other publishers of public directories.

Continue Reading Belgian DPA Fines Belgian Telecommunications Provider for Several Data Protection Infringements