Seen at GPDP: Telemarketing: the Privacy Guarantor sanctions Enel Energia The company had not protected its databases from access by abusive touts The Privacy Guarantor has imposed a fine of over 79 million euros on Enel Energia for serious shortcomings in the processing of personal data of numerous users in the electricity and gas sector, carried out…
Category: Non-U.S.
Finnish SA: Administrative fine of € 856,000 for failing to define storage period of customer data
As seen on EDPB: Origin of the case The Finnish Supervisory Authority (SA) investigated the activities of the online retailer Verkkokauppa.com due to a complaint filed by a customer. The controller had required the person to register themselves as a customer before making purchases online. Shopping in the online shop was not possible without creating…
CJEU Gives File-Sharer Surveillance & Data Retention a Green Ligh
Andy Maxwell writes: In a judgment published today, Europe’s top court concludes that suspected file-sharers can be subjected to mass surveillance and retention of their data as long as certain standards are upheld. Digital rights groups hoped to end the French ‘Hadopi’ anti-piracy scheme, claiming that it violates the fundamental right to privacy. The CJEU’s…
Information Commissioner: Persistent sensitive information breaches failing people living with HIV
From the UK Information Commissioner’s Office: Information Commissioner John Edwards has condemned data protection standards at health services for people living with HIV and called for urgent improvements. The statement follows several data breaches, as well as concerns raised by some of the largest HIV organisations in the country. Information Commissioner John Edwards said: “People…