German Authorities Issue 41 GDPR Fines: Report

German Authorities Issue 41 GDPR Fines: Report

by , February 25, 2019
 

German Authorities Issue 41 GDPR Fines: Report | DeviceDaily.com

 

The sums may pale next to the €50 million fine doled out to Google by French authorities, but Germany has imposed several GDPR-related penalties and is considering others.

A survey by Handelsblatt shows that 41 fines have been issued by German privacy authorities through mid-January of this year, according to an analysis by Mondaq. 

The highest fine has been €80,000 — for an entity that allowed health-related data to be publicly seen, the report continues. In addition, a €20,000 penalty was imposed on the chat portal Knuddels.de by the State Data Protection and Freedom of Information Officer for Baden-Württemberg.

The offense: A 2018 data breach in which hackers captured personal data, using passwords allegedly saved in plain text on the company server.

“Some state data supervisory authorities are still hesitant to issue fines,” Mondaq advises. “However, companies should not rely on this.” Instead, they should view the fines as motivation to update their data protection policies as needed, it adds. And they should cooperate with authorities in the event of a data breach. Such behavior is rewarded.

In another action, Germany’s Bundeskartellamt, or Federal Cartel Office warned Facebook that it must stop collecting data on unsuspecting consumers and combining it with their Facebook accounts within the year.

This is Germany’s anti-trust watchdog, not its privacy authority.

Facebook said it will challenge the  Bundeskartellamt in court. 

Similarly, Google is planning to fight the fine levied by France’s Commission Nationale de l’Informatique et des Libertés (CNIL).

The CNIL alleges that Google is not being transparent and providing data to users, as required under the GDPR. In January, the Austria-based privacy group None Of Your Business (Noyb) filed actions against Apple, Amazon, Netflix, Youtube, Spotify and three other firms, alleging that they failed to provide requested data. 

Google’s chief data officer Keith Enright said last week that the firm’s CNiL case — and others involving multinationals —  are likely to come before Europe’s highest court.

“We disagree on the law,” Enright said in a speech before the Institute of International and European Affairs in Dublin, according to The Irish Times. “We disagree with the opinion the [CNIL] reached, but we recognize that there is ambiguity.”  

He noted, however, that “all of this is clear evidence that we remain in a position of considerable uncertainty for the foreseeable future.”

 

 

MediaPost.com: Search Marketing Daily

(14)