Gdpr news
Here are some recent GDPR news and updates:
Recent Fines and Penalties
- In July 2022, the French data protection authority, CNIL, fined Google €150 million for violating GDPR rules related to consent and transparency.
- In June 2022, the UK's Information Commissioner's Office (ICO) fined the Royal Mail £28 million for failing to protect customer data.
- In May 2022, the Spanish data protection authority, AEPD, fined the Spanish airline, Iberia, €400,000 for violating GDPR rules related to data protection by design and default.
New Guidance and Resources
- The European Data Protection Board (EDPB) published new guidelines on the use of artificial intelligence (AI) and machine learning (ML) in the context of GDPR.
- The UK's ICO published new guidance on the use of cookies and similar technologies under the GDPR.
- The European Commission published a new set of guidelines on the use of personal data in the context of the COVID-19 pandemic.
Upcoming Changes and Updates
- The EU is expected to introduce new data protection regulations, known as the "Data Governance Act", which will aim to improve the sharing and use of data across the EU.
- The UK's ICO is expected to publish new guidance on the use of biometric data under the GDPR.
- The European Commission is expected to publish new guidelines on the use of personal data in the context of the "Internet of Things" (IoT).
Notable Cases and Investigations
- The European Parliament is investigating the use of personal data by tech giants, including Google, Facebook, and Amazon.
- The French data protection authority, CNIL, is investigating the use of personal data by the French government's COVID-19 contact tracing app.
- The UK's ICO is investigating the use of personal data by the UK's National Health Service (NHS) in the context of its COVID-19 response.
GDPR Compliance and Best Practices
- The use of consent forms and banners on websites and apps is becoming increasingly important under the GDPR.
- The use of data protection by design and default is becoming a key focus area for data protection authorities.
- The use of data breach notification procedures is becoming more widespread under the GDPR.