Amazon under scrutiny over ring camera privacy concerns
Consumers have voiced concerns about potential breaches and misuse of ring camera footage. In response to numerous complaints about unauthorized access, the US Federal Trade Commission (FTC) has launched an investigation into Amazon's ring camera privacy practices. The investigation reflects growing regulatory attention to data privacy, covering home surveillance technologies.
Credit and analytics services company fined €2.7 million for large-scale personal data collection
Experian, one of the leading global credit reporting and data analytics firms, has been fined €2.7 million for multiple breaches of the General Data Protection Regulation (GDPR). Following several individual complaints, the Dutch Data Protection Authority (AP) investigated how the company processed personal data it had gathered. The inquiry revealed that Experian collected personal data from numerous public and private sources such as the Chamber of Commerce register and telecom providers selling customer information, used the data improperly, and failed to inform individuals about such practices. The AP concludes that Experian failed to inform people about collecting their personal information, obtain their consent, and justify why it needed to gather the data.
France investigates Apple over Siri data privacy violations
The Paris public prosecutor has opened an investigation into Apple after a French NGO accused the company of illegally gathering and processing Siri voice recordings. According to a whistleblower, subcontractors reviewed thousands of audio samples, potentially compromising users' personal and identifiable data without their consent, to refine Siri's functionality. Following a French class action and a $95 million settlement in the US, Apple faces continued scrutiny over its data practices and compliance with EU privacy standards. The company insists, however, that voice recordings are not stored without explicit user consent.
Austrian Data Protection Authority rules Microsoft 365 unlawfully monitored schoolchildren's data
The Austrian Data Protection Authority (DSB) concluded that Microsoft 365 illegally tracked students' data for its own purposes. Microsoft had shifted responsibility for privacy compliance onto schools, which, according to the DSB, had little control over their contracts with the tech giant, leaving them in a "take it or leave it" situation. The DSB also determined that Microsoft used tracking cookies without user consent and failed to ensure students' access to their personal data. 3 The company was ordered to grant data access to affected individuals, delete the information afterward, and clarify the meaning of its business purposes, such as "business modelling", including whether these involve sharing data with LinkedIn, OpenAI, or Xandr. Microsoft was held directly accountable despite claiming its Irish subsidiary was responsible for Microsoft 365 operations in Europe.
Tractor Supply Company fined $1.4 million for privacy breaches
California's privacy regulator issued a record $1.35M fine against Tractor Supply for failing to provide proper applicant privacy notices, honor opt-out signals (including GPC), implement valid data-sharing agreements, and maintain compliant privacy policies. The case highlights that job applicant data is fully protected under California law, investigations can begin with a single complaint, and post-incident remediation does not prevent penalties. Employers are advised to ensure compliant notices, functional opt-outs, proper vendor contracts, and updated data-mapping practices.
Spanish media take Meta to court for €550 million over data protection
A Spanish court has opened a trial where over 80 Spanish media organisations are seeking approximately €550 million from Meta Platforms, alleging that between May 2018 and July 2023 it breached EU data-protection rules and gained an unfair competitive advantage in digital advertising.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
