CASES, SANCTIONS AND CLAIMS

  • This article in Romanian explains the first GDPR fines applied in Romania and their relevance from the point of view of security obligations.
  • The French supervisory authority CNIL fines Estate Company 400K on issues of inadequate technical measures (Art. 32 GDPR) and non-compliance with retention periods (Art. 5(1)(e) GDPR).
  • The Polish DPA imposed a fine on Morele.net for insufficient organizational and technical safeguards, the amount rising up to 645,000 euros.
  • Hungarian Information Safety Authority imposed a fine of €290,000 on a digital communications supplier (Digi Zrt). The authority found a vulnerability within the web site which was not mounted for years and allowed a hacker to enter.
  • The European Council has imposed the first sanctions against cyber-attacks.

REPORTS AND ARTICLES FROM OTHER ORGANISATIONS

OFFICIAL GUIDELINES, REPORTS AND STATEMENTS