Security News

Meta violates GDPR with non-compliant targeted ad practices, earns over $400 million in fines
2023-01-04 20:35

As of Wednesday, Jan. 4, Meta has once again been hit with a major GDPR violation, earning itself more than $400 million in fines for its latest data privacy misstep. In this report, we'll share what we know about Meta's latest violation, and we'll dive a little deeper into Meta's troubled past with GDPR. Fast facts about Meta's 2023 GDPR targeted ads violation.

Facebook Fined $276M under GDPR
2022-11-30 12:00

Facebook-Meta-was just fined $276 million for a data leak that included full names, birth dates, phone numbers, and location. Meta's total fine by the Data Protection Commission is over $700 million.

Most companies are unprepared for CCPA and GDPR compliance
2022-08-01 03:00

As of June 30, 2022, 91% of companies across all verticals, states, and business size that must comply with CCPA are still unprepared to meet CCPA requirements, according to CYTRIO. Further, 94% of companies that must comply with GDPR are ill prepared to meet the GDPR compliance requirements. "The majority of companies that must meet CCPA, CPRA, and GDPR compliance have a long way to go, and with enforcements looming, many are exposed to compliance enforcement fines and private-right of-action," said Vijay Basani, CEO, CYTRIO. "Through our ongoing research, we aim to educate the market on the importance of data privacy rights compliance, the need to enable consumers to easily exercise their data privacy rights, and how companies can build trust with their customers leveraging automated Data Subject Access Request submission and response solutions."

TikTok Postpones Privacy Policy Update in Europe After Italy Warns of GDPR Breach
2022-07-12 20:44

The reversal, reported by TechCrunch, comes a day after the Italian data protection authority - the Garante per la Protezione dei Dati Personali - warned the company against the change, citing violations of data protection laws. "The personal data stored in users' devices may not be used to profile those users and send personalized ads without their explicit consent," the Garante said.

How to navigate GDPR complexity
2022-05-25 04:35

There's been a lot of turbulence in the data privacy regulation space in the past couple of years. Post Brexit, there was a risk for the UK to be digitally isolated from the EU. For the moment, the General Data Protection Regulation has been kept in UK law as the UK GDPR, and the EU recognizes the UK under the GDPR and the LED as providing adequate data protection, which means that data can - for the most part - continue to flow.

Companies poorly prepared to meet CCPA, CPRA and GDPR compliance requirements
2022-04-29 03:00

As of March 31, 2022, the findings uncovered that 90% of companies are not fully compliant with CCPA and CPRA Data Subject Access Request requirements. Further, 95% of companies are using error prone and time consuming manual processes for GDPR DSAR requirements.

Facebook Hit With $18.6 Million GDPR Fine Over 12 Data Breaches in 2018
2022-03-15 23:35

The Irish Data Protection Commission on Tuesday slapped Facebook and WhatsApp owner Meta Platforms a fine of €17 million for a series of security lapses that occurred in violation of the European Union's GDPR laws in the region. "The DPC found that Meta Platforms failed to have in place appropriate technical and organizational measures which would enable it to readily demonstrate the security measures that it implemented in practice to protect EU users' data, in the context of the twelve personal data breaches," the watchdog said in a press release.

France Rules That Using Google Analytics Violates GDPR Data Protection Law
2022-02-10 23:39

French data protection regulators on Thursday found the use of Google Analytics a breach of the European Union's General Data Protection Regulation laws in the country, almost a month after a similar decision was reached in Austria. Of the data protection decree, which govern the transfers of personal data to third countries or international entities.

German Court Rules Websites Embedding Google Fonts Violates GDPR
2022-02-01 03:09

A regional court in the German city of Munich has ordered a website operator to pay €100 in damages for transferring a user's personal data - i.e., IP address - to Google via the search giant's Fonts library without the individual's consent. The unauthorized disclosure of the plaintiff's IP address by the unnamed website to Google constitutes a contravention of the user's privacy rights, the court said, adding the website operator could theoretically combine the gathered information with other third-party data to identify the "Persons behind the IP address."

Austrian watchdog rules German company's use of Google Analytics breached GDPR by sending data to US
2022-01-13 14:48

The Austrian data protection authority has ruled that use of Google Analytics by a German company is in breach of European law in light of the Schrems II EU-US data sharing ruling. Datenschutzbehörde, or DSB, has found that a German publisher, not named in the case, was in breach of Article 44 of the General Data Protection Regulation in the use and operation of Google Analytics - commonly used throughout web publishing and ecommerce - because of its movement of personal data to the United States.