The UK Information Commissioner’s Office has issued a Monetary Penalty Notice to pensions release provider Grove Pensions Solutions Ltd, fining it £40,000 after the company used contact details collected by a third party for its direct marketing campaign.
Continue Reading UK ICO Fines Pensions Release Provider for Unsolicited Marketing Emails

On December 28, 2018, the French Data Protection Authority (the “CNIL”) published guidance regarding the conditions to be met by organizations in order to lawfully share personal data with business partners or other third parties, such as data brokers. The guidance focused, in particular, on such a scenario in the context of the EU General Data Protection Regulation (“GDPR”). The CNIL guidance sets forth the 5 following conditions:
Continue Reading CNIL Publishes Guidance on Data Sharing with Business Partners or Data Brokers

On November 8, 2018, Privacy International, a non-profit organization “dedicated to defending the right to privacy around the world,” filed complaints under the GDPR against two consumer marketing data brokers, Acxiom and Oracle.
Continue Reading Privacy Advocacy Organization Files GDPR Complaints Against Data Brokers

On October 17, 2018, the French data protection authority published a press release, detailing the rules applicable to devices that collect personal data from users’ mobile phones (media access control address) for the purposes of measuring the advertising audience and traffic in shopping malls and other public areas.
Continue Reading CNIL Details Rules on Audience and Traffic Measuring in Publicly Accessible Areas