This week marks exactly one year until EU individuals will have new rights with respect to how all businesses must protect personal data. Whether a particular business is big or small, based in the EU or based in the US, each must fully comply with the game-changing General Data Protection Regulation (GDPR). GDPR took center stage in Berlin recently, when policymakers, businesses, and regulators from 20 countries met in Berlin at the 7th annual European Data Protection Days conference. Nearly every speaker emphasized the challenges the regulation raises for small and medium sized companies (SMEs) and the critical need for those companies to comply. Companies of all sizes…
.@EU_Commission announced successful conclusion of adequacy talks with South Korea, confirming alignment of EU & SK #dataprotection laws. Finding covers commercial & public sector, enables data flows between the EU & SK. Adoption expected in coming months. https://ec.europa.eu/commission/presscorner/detail/en/statement_21_1506
Dutch DPA announced a €475,000 fine for Dutch headquartered @bookingcom for failure to report #databreach within 72 hours of becoming aware of the 2019 incident. Breach resulted in unauthorized access to login credentials, criminal access to data of 4000 customers.
Bavaria #DPA declared company’s (controller’s) use of US email marketing service #Mailchimp in #Bavaria impermissible due to failure comply with #SchremsII mitigation requirements with respect to transfer of e-mail addresses to Mailchimp in the US.