Elizabeth George reports:
While Playstation players are still waiting to be able to use Discord on PS5, the famous VoIP service has just had its suspenders lifted by the CNIL. Indeed, the National Commission for Computing and Freedoms announced this Thursday, November 17 that it had imposed a fine of €800,000 on Discord. In its official press release, the institution specifies that the American company is guilty of several breaches of obligations under the GDPR (General Data Protection Regulation).
[…]
Those violations include:
- Failure to define and respect a data retention period appropriate to the purpose (Article 5.1.e of the GDPR)
- Failure to comply with the obligation to provide information (Article 13 of the RGPD)
- Failure to ensure data protection by default (Article 25.2 of the GDPR)
- Failure to ensure the security of personal data (Article 32 of the GDPR)
- Failure to carry out a data protection impact assessment (Article 35 of the GDPR)
Read more at Gearrice.
The CNIL’s press release can be found on CNIL’s website. The deliberation, in French, can be found at Délibération de la formation restreinte no SAN-2022-020 du 10 novembre 2022 concernant la société DISCORD INC. – Légifrance 