Compliance with the European Union’s General Data Protection Regulation (GDPR), scheduled to take effect in May 2018, has taken center stage for companies. But it is important to remember that regulators in the U.S. continue their own work to protect the privacy interests of consumers. The Federal Trade Commission (FTC) took the spotlight on December 12, 2017, when it hosted a one-day workshop titled “Informational Injury” in Washington DC. The event brought together a variety of stakeholders – including industry representatives, consumer advocates, academics and government researchers – to discuss issues related to the injuries consumers suffer when information about them is misused. In opening remarks, Acting FTC Chairwoman…
.@EU_Commission announced successful conclusion of adequacy talks with South Korea, confirming alignment of EU & SK #dataprotection laws. Finding covers commercial & public sector, enables data flows between the EU & SK. Adoption expected in coming months. https://ec.europa.eu/commission/presscorner/detail/en/statement_21_1506
Dutch DPA announced a €475,000 fine for Dutch headquartered @bookingcom for failure to report #databreach within 72 hours of becoming aware of the 2019 incident. Breach resulted in unauthorized access to login credentials, criminal access to data of 4000 customers.
Bavaria #DPA declared company’s (controller’s) use of US email marketing service #Mailchimp in #Bavaria impermissible due to failure comply with #SchremsII mitigation requirements with respect to transfer of e-mail addresses to Mailchimp in the US.