Penalty

ICO Reflects on a Year of GDPR

Posted on June 12, 2019

Posted in European Union, Information Security, International, Online Privacy

The UK Information Commissioner’s Office recently published its reflections on the year that has passed since the implementation of the EU General Data Protection Regulation, together with a blog post by Elizabeth Denham, the UK Information Commissioner. …
Continue Reading

First Fine Imposed by the Belgian DPA Since GDPR

Posted on June 4, 2019

Posted in Enforcement, European Union, International

On May 28, 2019, shortly after the appointment of the new Belgian commissioner and the Director of the Litigation Chamber, the Belgian Data Protection Authority imposed its first fine since the EU General Data Protection Regulation became applicable.…
Continue Reading

OCR Settles with Medical Imaging Services Company

Posted on May 9, 2019

Posted in Enforcement, Health Privacy, Information Security, Security Breach, U.S. Federal Law

On May 6, 2019, the U.S. Department of Health and Human Services’ Office for Civil Rights announced that it had entered into a resolution agreement and $3 million settlement with Touchstone Medical Imaging. The settlement is the first OCR HIPAA enforcement action in 2019, following an all-time record year of HIPAA enforcement in 2018.…
Continue Reading

FTC Settles with Two Online Operators for Failing to Secure Customers’ Data

Posted on April 26, 2019

Posted in Children’s Privacy, Online Privacy, U.S. Federal Law

On April 24, 2019, the Federal Trade Commission announced two data security cases involving online operators that were alleged to have failed to take reasonable steps to secure consumers’ data, which allowed hackers to breach both websites.…
Continue Reading

ICO Issues GBP 400,000 Fine for Illegal Collection and Sharing of Personal Data

Posted on April 17, 2019

Posted in Children’s Privacy, Enforcement, Information Security, International, Online Privacy

On April 9, 2019, the UK Information Commissioner’s Office levied one of its most significant fines under the Data Protection Act 1998 against Bounty (UK) Limited. …
Continue Reading

Nigeria Issues New Data Protection Regulation

Posted on April 5, 2019

Posted in Information Security, International, Security Breach

Nigeria’s National Information Technology Development Agency recently issued the Nigeria Data Protection Regulation 2019. This blog entry provides key elements of the Regulation.…
Continue Reading

Dutch DPA Updates Policy on Administrative Fines

Posted on March 26, 2019

Posted in European Union, Information Security, International

On March 14, 2019, the Dutch Data Protection Authority published a press release announcing its policy for calculating administrative fines.…
Continue Reading

CIPL Issues White Paper on Principles for a Revised U.S. Privacy Framework

Posted on March 21, 2019

Posted in Centre for Information Policy Leadership, U.S. Federal Law

The Centre for Information Policy Leadership at Hunton Andrews Kurth LLP has issued a white paper on Ten Principles for a Revised U.S. Privacy Framework.…
Continue Reading

FTC Issues Record $5.7 Million COPPA Penalty Against Musical.ly

Posted on February 28, 2019

Posted in Children’s Privacy, U.S. Federal Law

On February 27, 2019, the Federal Trade Commission announced a record $5.7 million civil penalty against popular video creation and sharing app Music.ly (now known as TikTok) for violations of U.S. children’s privacy rules.…
Continue Reading

European Commission Issues GDPR Infographic

Posted on February 1, 2019

Posted in European Union, International

On January 25, 2019, the European Commission issued an infographic on compliance with and enforcement and awareness of the GDPR since it took force on May 25, 2018.…
Continue Reading

Privacy & Information Security Law Blog