On August 5, 2020, the French Data Protection Authority announced that it has levied a fine of €250,000 on a French online shoe retailer for various infringements of the GDPR. This is the first penalty under the GDPR enforced by the CNIL as the lead supervisory authority in cooperation with other EU supervisory authorities.
Continue Reading CNIL Adopts Its First Sanction as Lead Supervisory Authority, Fining French Online Shoe Retailer

On July 6, 2020, the Dutch Data Protection Authority imposed a 830,000 euro fine on the Dutch Credit Registration Bureau for non-compliance with Articles 12 (2) and 12 (5) of the EU General Data Protection Regulation between May 2018 and March 2019.
Continue Reading Dutch DPA Fines Dutch Credit Registration Bureau 830,000 Euros for Non-Compliance with Data Subject Rights

On July 14, 2020, the Litigation Chamber of the Belgian Data Protection Authority (the “Belgian DPA”) imposed a €600,000 fine on Google Belgium SA (“Google”) for non-compliance with the right to be forgotten.

Continue Reading Belgian DPA Issues its Largest Fine to Date for Non-Compliance with the Right to Be Forgotten

On July 13, 2020, the Italian Data Protection Authority (Garante per la protezione dei dati personali, “Garante”) announced that it levied a €16,729,600 fine on telecoms provider Wind Tre S.p.A. (“Wind Tre”) for several unlawful data processing activities, mostly related to direct marketing.

Continue Reading Italian Garante Fines Telecoms Provider 17 Million Euros for Direct Marketing Infringements

On June 16, 2020, the Litigation Chamber of the Belgian Data Protection Authority imposed a fine on a company for unlawful and incorrect processing of personal data and non-compliance with the EU General Data Protection Regulation’s data subject rights provisions.
Continue Reading Belgian DPA Fines Company for Unlawful Processing and Non-Compliance with Data Subject Rights

On June 24, 2020, the Washington State Attorney General announced that it had settled an enforcement action against the owners of a social media platform for alleged violations of the Children’s Online Privacy Protection Act and the Washington State Consumer Protection Act.
Continue Reading Social Media Platform Fined 100,000 USD by Washington State AG for COPPA Violations

On June 19, 2020, France’s Highest Administrative Court upheld the French Data Protection Authority’s decision, whereby the CNIL imposed a fine of 50 million euros on Google under the EU General Data Protection Regulation.
Continue Reading French Highest Administrative Court Upholds 50 Million Euro Fine against Google for Alleged GDPR Violations