Company Fined 725,000€ for Collecting Employee’s Fingerprints

The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, “Dutch DPA”) recently fined a company for violating the General Data Protection Regulation (GDPR) by collecting personal data using fingerprint systems. Under the GDPR, ”biometric data means personal data resulting from specific technical processing relating to the physical, physiological or behavioural characteristics of a natural person, which allow […]

5 Data Privacy Violations that Led to Fines

1. Accessing personal data without authorization Since the General data Protection (GDPR) has been enforced, many sanctions have been applied to data handlers for not complying to certain provisions of the law. For the first time, an employee was sentenced to 6 months of prison for violating the GDPR. The news comes from England. According […]

Cathay Pacific

Data Privacy News Bytes 6th March 2020

Cathay Pacific fined £500,000 for failing to protect customer data Yet another airline is handed a significant fine for failures to protect their customer data. Between May 2014 and October 2018, Cathay Pacific’s IT systems lacked proportional security, leading to the unauthorised access of millions of personal data records. Because the vulnerability was active before […]

Marriott Hotels

Marriott Faces over £99m GDPR Fine

Marriott International (Marriott) faces a £99m fine or more for a data breach that took place in 2014 at the Starwood hotels group due to poor security practices. Marriott acquired Starwood in 2016 and, according to the UK Information Commissioner’s Office (ICO), did not undertake sufficient due diligence during the acquisition of the group. Further, […]