GDPR Enforcement is coming says French data protection authority, CNIL.

“According to the head of France’s data protection authority, the period of relative tolerance following the introduction of the General Data Protection Regulation (GDPR) is now over.”

“Going forward, any company that has yet to comply with the rules should expect tough scrutiny and, failing

“European Union privacy regulators are ramping up enforcement of the General Data Protection Regulation as the bloc’s comprehensive privacy regime heads into its second year,” write Bloomberg’s Sara Merken and Daniel R. Stoller Esq.

Businesses “can expect in 2019 is the transition from the warning authority that explains things and conducts campaigns, to also the

“The ad tech sector was and will continue to be a focus for the Irish Data Protection Commissioner due to concerns regarding profiling, particularly using sensitive data, the use of location data, and lack of lawful bases for or individual awareness of processing.”

Additional key takeaways from the IAPP white paper on the first year

“For those who will for the first time be facing consumer data access requests under the CCPA, my advice is to get started now building automated systems when possible and human teams that can help you gather data and respond to requests in a timely manner because it takes longer and is more difficult than

  1. The French Data protection authority, CNIL, has issued a “Developer Kit” setting forth best practices for data protection.

Key takeaways:

  • Before using a development tool, especially for personal data, read the conditions of use.
  • If the data requires a maximum level of confidentiality, use tools with a local instance, rather than the cloud.
  • Conduct a

The Lithuanian data protection inspectorate issued a 61,500 EUR fine against a payment services provider for violations of the data minimization, adequate security measures and data breach reporting requirements of GDPR.

Key takeaways:

  • Data minimization:
    • Collect only the information you need. If you only need name, identification code, bank account number, currency, balance, purpose of

“C’est tres complique aujourd’hui de se declarer 100% conforme”

“In reality, it’s very complicated to declare in total and perfect conformity [with GDPR], be it today, in five or ten years, because it’s a continuous process. A company never really achieves 100% compliance, it works on it every day. It seeks to have compliance champions,