#Privacy: Belgian DPA to investigate supermarket’s fingerprint payment system 

The Belgian Data Protection Authority, Gegevensbeschermingsautoriteit (GBA), has announced that it is planning to launch an investigation into Carrefour’s fingerprint payment system.  On Tuesday, the supermarket chain Carrefour announced that it was organising a biometric payments pilot, in a store in the centre of Brussels, which would allow clients to pay for their groceries with […]

#Privacy: Research reveals that most websites are not compliant with GDPR

Research has found that only 11.8% of consent management platforms (CMPs) meet the minimal requirements under GDPR and Europe’s eDirective regulations regarding cookies and consent. A study conducted by researchers at MIT CSAIL, Denmark’s Aarhus University and University College London, analysed how prevalent CMP designs impact people’s consent choices.  Under EU law, consent must be […]

#Privacy: Pharmacy fined £275K for GDPR violation

A London pharmacy has incurred the UK’s first ever data protection fine of £275,000 for breaching the EU General Data Protection Regulation (GDPR).  Doorstep Dispensaree, has been fined £275,000 by the Information Commissioner’s Office (ICO) for its “cavalier attitude to data protection” after leaving 500,000 medical documents containing sensitive information in unlocked containers, disposal bags […]

#Privacy: German GDPR watchdog fines ISP & hosting company €9.55m

Germany’s Federal Commissioner for Data Protection and Freedom of Information (BfDI) has fined 1&1 Telecommunications for GDPR infringement.  On Monday, 1&1 was fined €9.55 million ($10.6m) for failing to implement “adequate technical and organisational measures (TOMs)” to protect customer data from any unauthorised access.  Due to the insufficient TOMs, callers were able to obtain information […]

#Privacy: Why special category personal data needs to be handled even more carefully

The ICO has published a new post written by Ian Hulme, Director of Regulatory Assurance to launch their new updated guidance on special category data under the GDPR.  Hulme stresses that the consequences of sharing personal data by mistake can be extremely damaging.  The General Data Protection Regulation (GDPR) recognises that certain types of personal […]

#Privacy: Spanish DPA fines airline €30,000 

The Spanish Data Protection Authority has fined Vueling €30,000 for failing to provide a cookie banner that complies with the EU’s General Data Protection Regulation (GDPR). The decision was based on the cookie banner being poorly constructed, displaying general information about what cookies are and which cookies are used, along with information that shows the […]