Proposed fruits of the Irish DPC's three-year investigation into Facebook's consent and transparency violations are GDPR fines that would amount to a maximum of about $36 million to $42 million, or what the company makes roughly every two hours.
Concerns about data protection and user privacy have spurred a new type of market, where spending on tools that promise such protection is expected to exceed $8 million in 2022.
One probe calls TikTok’s #GDPR compliance into question due to data transfers to China. The other is on a theme that has been causing TikTok problems for years now: its collection and handling of the personal data of children.
Comprehensive mandates like the California Privacy Rights Act (CPRA) require extensive preparation—those with processes in place before it arrives will manage it best, and perhaps even derive benefits from it.
Many businesses are still struggling to understand and comply with data protection laws and regulations. Study finds that 62.4% of companies are still not ‘completely compliant’ with data regulations which means vulnerable consumers.
Outgoing UK Information Commissioner Elizabeth Denham has suggested a shift in focus from individual cookie popups at each website to regulation of browsers and devices as the source of expressing user tracking preferences.
The Irish DPC has taken some heat for perceived softness in issuing GDPR fines to Big Tech. A $267 million fine issued to WhatsApp is the first substantial amount that the Irish regulator has assessed, but it comes amidst accusations and criticism.
Facebook, Google and Netflix are facing fines and actions for privacy violations, with Facebook assessed the second-largest amount in the country's history for its treatment of facial recognition templates.
The UK is now firming up what its data handling and privacy rules will look like post-Brexit. The lead item is an announcement of partnerships with countries that have lost "trusted partner" status in the EU, most notably the United States.
Germany's data protection authority has determined that Zoom's data transfers to the U.S. are in violation of the terms of the GDPR in light of the Schrems II ruling, and has issued a formal warning.