Ticketmaster UK has been fined £1.25 million after it suffered a massive data breach that exposed customers’ payment card details. The ICO (Information Commissioner’s Office) levied the fine following an investigation into the incident, which was disclosed in June 2018. …
If you’re one of the many organisations based outside the EU that’s been told to review your GDPR (General Data Protection Regulation) compliance practices, you might be confused. It’s an EU law, so why does the GDPR apply to non-EU …
Ireland’s DPC (Data Protection Commission) is investigating Instagram amid allegations that it failed to protect children’s personal data. Reports claimed that the email addresses and phone numbers of those under 18 were left publicly available due to an oversight in …
The GDPR (General Data Protection Regulation) is characterised by its widespread departure from previous European data protection laws – and one area where this is particularly the case is the scope of its application. Not only does the GDPR apply to …
The German subsidiary of H&M has received a €35,258,707.95 (about £31.9 million) fine from the Hamburg Data Protection Authority for violating the GDPR (General Data Protection Regulation). The infringement relates to a 2019 data breach that revealed that H&M was …
The GDPR (General Data Protection Regulation) restricts transfers of personal data outside of the EU. This prevents organisations circumventing the Regulation by processing the personal data in a country where the information is not adequately protected. For a data transfer …
For more than two years, Instagram was keeping pictures and direct messages on its servers after users deleted them. The researcher Saugat Pokharel discovered the error after sending the social media giant a request to access the information it stored …
Cyber criminals have developed a new way of strong-arming people into paying ransomware demands, according to a Sophos report.
16 July 2020 is likely to be remembered as the day the CJEU (Court of Justice of the European Union) invalidated the EU–US Privacy Shield Framework. The CJEU handed down its judgement on Schrems II, in which it considered the …
The ECJ (European Court of Justice) has declared that the EU–US Privacy Shield fails to protect people’s rights to privacy and data protection. The Privacy Shield was adopted in 2015 as way for organisations on both sides of the Atlantic …
