Irish DPC issued a EUR 265 million fine to Meta for GDPR violations
Meta receives a hefty fine worth EUR 265 from Ireland’s Data Protection Commission (DPC). The penalty is due to alleged EU General Data Protection Regulation (GDPR) violations and is now the third-largest GDPR fine ever given. Meta allegedly violated Articles 25(1) and 25(2) of the GDPR after an investigation revealed the exposure of a data set of personal information from Facebook. The DPC’s decision will compel Meta to bring its processing into compliance by taking a range of specified remedial actions within a particular timeframe.
Source: Data Protection Commission, IAPP
Snapchat to carry out a new feature in compliance with the CPRA
Snapchat will add a feature toggle switch under its Privacy Controls section in compliance with the California Privacy Rights Act, which will be enforced on Jan. 1, 2023. Users can then choose the new option at the bottom of the list that reads “California Privacy Choices.” This new feature will be implemented for Snapchat users in California to limit the app’s use of sensitive personal data. Also included is a new preference to limit the usage of sensitive personal information. This setting will require Snapchat to curb the use of personal data from the users, such as precise geolocation.
Source: TechCrunch, IAPP
Privacy Legislation Amendment Bill approved in Australia, data breach fines to increase
The final passage of the Privacy Legislation Amendment Bill 2022 has been approved by the Parliament of Australia. The legislation amends the Privacy Act of 1988. It increases the data breach fines to AUD 50 million, or the penalties could depend on data monetization and 30% of adjusted quarterly turnover under a new three-factor penalty scheme.
Source: Parliament of Australia, IAPP
Microsoft 365 products not compliant with GDPR after German evaluation
Microsoft may face legal troubles in the EU after an evaluation by a working group of German data protection authorities (DPA). It revealed that the company’s cloud-based 365 productivity products could not be used in compliance with the EU General Data Protection Regulation (GDPR). According to the group, Microsoft has not amended the compliance issues for the past two years of investigation.
Source: TechCrunch, IAPP