Germany:
Data Protection Authority Issues First German Fine Under GDPR
16 January 2019
by
Laurent De Muyter
,
Undine Von Diemar
,
Olivier Haas
,
Jörg Hladjk
,
Bastiaan Kout
,
Jonathon Little
,
Martin Lotz
,
Hatziri Minaudier
,
Selma Olthof
,
Audrey Paquet
,
Sara Rizzon
,
Irene Robledo
,
Elizabeth A. Robertson
and
Rhys Thomas
Jones Day
To print this article, all you need is to be registered or login on Mondaq.com.
On November 21, the Data Protection Authority of
Baden-Württemberg issued the first fine under the GDPR in
Germany against a social media provider for violating data security
requirements (source document in German). The company had notified
the authority of a data breach after becoming aware that the
personal data of 330,000 users, including email addresses and
passwords, had been stolen during a hack. The authority determined
that the company violated data security obligations under Article
32 of the GDPR, for example by storing the passwords in clear text.
The authority imposed a modest fine of €20,000 and took into
account mitigating factors such as the company's willingness to
cooperate with the authority.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
POPULAR ARTICLES ON: Privacy from Germany
What Are Common European Data Spaces?
Arthur Cox
Broadly, common European data spaces are EU-wide common, interoperable data spaces in strategic sectors in which data pooling and sharing takes place.
Data Protection & Privacy 2024 - Turkiye
YAZICIOGLU Legal
The right to protection of personal data is regulated under the Constitution of the Turkish Republic (the "Constitution") as an individual right, since its amendment in 2010.